Web_AUTS_Server_Prod/AUTS_Server/Service/IEncryptionService.cs

using Microsoft.AspNetCore.Mvc;
using OtpNet;
using static AUTS_Server.Service.MultiFactorAuthController;
namespace AUTS_Server.Service
{
/// <summary>
/// Contract for the hashing and TOTP helper operations declared below.
/// No implementation of this interface is visible in this file.
/// </summary>
public interface IEncryptionService
{
    // The original comment describes this member as "MD5 encryption".
    // NOTE(review): MD5 is a one-way digest, not encryption, and it is not suitable for
    // protecting passwords or other secrets. Confirm what callers pass in here; if it is
    // credentials, a salted password-hashing function (PBKDF2, Argon2) is the usual replacement.
    string Encrypt(string str);
    // Builds a TOTP provisioning URI by hand from the secret, the account name and the issuer.
    string BuildTotpUri(string secret, string user, string issuer);
    // Verifies a TOTP submission described by the request object.
    bool VerifyTOTP(VerifyTOTPRequest request);
    // Generates a key and returns it together with the QR-code setup URL.
    // NOTE(review): GenerateKeyinfo is not declared in this file. Confirm where it is defined.
    GenerateKeyinfo GenerateKey();
}
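/// <summary>
/// HTTP endpoints for TOTP enrolment and verification, built on the OtpNet library.
/// </summary>
[ApiController]
[Route("[controller]")]
public class MultiFactorAuthController : ControllerBase
{
    /// <summary>
    /// Generates a fresh 20-byte TOTP secret and returns it, Base32-encoded, together with
    /// the otpauth:// provisioning URI used to render the enrolment QR code.
    /// </summary>
    /// <returns>200 OK with <c>SecretKey</c> and <c>QrCodeSetupUrl</c>.</returns>
    // NOTE(review): no [Authorize] attribute is visible on this controller and the secret is
    // not stored server-side here. Confirm that authentication is enforced elsewhere (a global
    // filter or middleware) and that the secret is bound to the enrolling account before it is
    // handed out.
    // NOTE(review): the account label below is a fixed string rather than the signed-in user,
    // so every enrolment shows the same account name in the authenticator app.
    [HttpGet("GenerateKey")]
    // The response body carries the shared secret, so it must not be kept by browser or proxy caches.
    [ResponseCache(NoStore = true, Location = ResponseCacheLocation.None)]
    public IActionResult GenerateKey()
    {
        var key = KeyGeneration.GenerateRandomKey(20);
        var base32Secret = Base32Encoding.ToString(key);
        var issuer = "AUTS";
        var userAccount = "new.uts-data.com";
        var totpSetupUrl = BuildTotpUri(base32Secret, userAccount, issuer);

        // Return the secret and the QR-code setup URL.
        return Ok(new { SecretKey = base32Secret, QrCodeSetupUrl = totpSetupUrl });
    }

    /// <summary>
    /// Checks the submitted one-time code against the Base32 secret carried in the request.
    /// </summary>
    /// <param name="request">Body holding the Base32 secret, the user id and the code to check.</param>
    /// <returns>
    /// 200 OK with <c>Success = true</c> when the code matches; otherwise 400 Bad Request with
    /// <c>Success = false</c>, which also covers a missing or malformed secret or code.
    /// </returns>
    // NOTE(review): the shared secret is taken from the request body and UserId is never read.
    // A verifier normally loads the secret enrolled for UserId from server-side storage; as
    // written, a success only shows that the code matches the secret sent alongside it, so it
    // should not be treated as proof of a second factor.
    // NOTE(review): no attempt limiting is visible in this file. A six-digit code needs a
    // per-account limit on failed verifications.
    [HttpPost("VerifyTOTP")]
    public IActionResult VerifyTOTP([FromBody] VerifyTOTPRequest request)
    {
        // Reject incomplete submissions up front instead of letting the decoder throw.
        if (request is null
            || string.IsNullOrWhiteSpace(request.SecretKey)
            || string.IsNullOrWhiteSpace(request.TotpCode))
        {
            return BadRequest(new { Success = false });
        }

        byte[] key;
        try
        {
            key = Base32Encoding.ToBytes(request.SecretKey);
        }
        catch (ArgumentException)
        {
            // The decoder rejected the secret as malformed Base32: answer 400, not an unhandled 500.
            return BadRequest(new { Success = false });
        }

        var totp = new Totp(key);

        // The original verified a hard-coded empty string, so no submitted code was ever checked.
        // VerificationWindow(2, 2) accepts two steps before and two after the current one;
        // RFC 6238 recommends allowing at most one step for network delay
        // (VerificationWindow.RfcSpecifiedNetworkDelay in OtpNet).
        // The matched time step is discarded; rejecting reuse of an already accepted code
        // requires storing the last matched step per user.
        bool isValid = totp.VerifyTotp(request.TotpCode, out _, new VerificationWindow(2, 2));
        if (isValid)
        {
            // Verification succeeded.
            return Ok(new { Success = true });
        }

        // Verification failed.
        return BadRequest(new { Success = false });
    }

    /// <summary>
    /// Builds an otpauth://totp/ provisioning URI by hand (SHA1, 6 digits, 30-second period).
    /// </summary>
    /// <param name="secret">Base32-encoded shared secret.</param>
    /// <param name="user">Account label shown in the authenticator app.</param>
    /// <param name="issuer">Issuer name; the issuer parameter is omitted when null or empty.</param>
    /// <returns>The provisioning URI as a string.</returns>
    private string BuildTotpUri(string secret, string user, string issuer)
    {
        var issuerParameter = string.IsNullOrEmpty(issuer) ? "" : $"&issuer={Uri.EscapeDataString(issuer)}";

        // Escape the secret like the other components so padding or stray characters cannot
        // alter the query string. Unpadded Base32 passes through unchanged.
        return $"otpauth://totp/{Uri.EscapeDataString(user)}?secret={Uri.EscapeDataString(secret)}{issuerParameter}&algorithm=SHA1&digits=6&period=30";
    }
}

/// <summary>
/// Request body for the VerifyTOTP endpoint.
/// </summary>
public class VerifyTOTPRequest
{
    // Base32-encoded shared secret that the code is checked against.
    public string SecretKey { get; set; }

    // Identifier of the user being verified. The controller in this file does not read it.
    public string UserId { get; set; }

    // One-time code typed in by the user. Added because the endpoint had no field to receive it.
    public string TotpCode { get; set; }
}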
}