diff options
| -rw-r--r-- | README.md | 23 |
1 files changed, 12 insertions, 11 deletions
@@ -16,8 +16,7 @@ You can use this library as well for a client application (if you want to create For a client application, you need to save the secret key for your user. <br/> Then, you only have to call the method GetCode(string) : -<pre><code> -var secret = user.secretAuthToken; +<pre><code>var secret = user.secretAuthToken; var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); var code = authenticator.GetCode(secret); </code></pre> @@ -26,16 +25,14 @@ var code = authenticator.GetCode(secret); On a server application, you will have to generate a secret key, and share it with the user, who will have to enter it in his own authenticator app. -<pre><code> -var key = TwoStepsAuthenticator.Authenticator.GenerateKey(); +<pre><code>var key = TwoStepsAuthenticator.Authenticator.GenerateKey(); </code></pre> When the user will login, he will have to give you the code generated by his authenticator.<br/> You can check if the code is correct with the method CheckCode(string secret, string code).<br/> If the code is incorrect, don't log him. -<pre><code> -var secret = user.secretAuthToken; +<pre><code>var secret = user.secretAuthToken; var code = Request.Form["code"]; var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(); bool isok = authenticator.CheckCode(secret, code); @@ -49,13 +46,17 @@ A default implementation is provided : used codes are kept in memory for 5 minut You can define how the used codes are stored, for example if you want to handle persistence (database storage), or if you have multiple webservers.<br/> You have to implement the 2 methods of the IUsedCodesManager : -<pre><code> -void AddCode(ulong challenge, string code); -bool IsCodeUsed(ulong challenge, string code); +<pre><code>void AddCode(ulong challenge, string code, object user); +bool IsCodeUsed(ulong challenge, string code, object user); </code></pre> +The user class must implement correctly the GetHashCode and Equals methods, because they are used to check if a specific user has used each code. + When you create a new Authenticator, add the instance of your IUsedCodesManager as the first param -<pre><code> -var usedCodeManager = new CustomUsedCodeManager(); +<pre><code>var usedCodeManager = new CustomUsedCodeManager(); var authenticator = new TwoStepsAuthenticator.TimeAuthenticator(usedCodeManager); </code></pre> + +And when you check if the code is ok, you need to add the user object to the CheckCode method +<pre><code>bool isok = authenticator.CheckCode(secret, code, user); +</code></pre>
\ No newline at end of file |