Generator Changes at 9/27/2025 11:07:17 PM

src/CMSMicroservice.Application/OtpTokenCQ/Commands/VerifyOtpToken/VerifyOtpTokenCommandHandler.cs

@@ -0,0 +1,87 @@
+using CMSMicroservice.Domain.Events;
+using Microsoft.Extensions.Configuration;
+using System.Security.Cryptography;
+using System.Text;
+namespace CMSMicroservice.Application.OtpTokenCQ.Commands.VerifyOtpToken;
+public class VerifyOtpTokenCommandHandler : IRequestHandler<VerifyOtpTokenCommand, VerifyOtpTokenResponseDto>
+{
+    private readonly IApplicationDbContext _context;
+    private readonly IConfiguration _cfg;
+
+    public VerifyOtpTokenCommandHandler(IApplicationDbContext context, IConfiguration cfg)
+    {
+        _context = context;
+        _cfg = cfg;
+    }
+
+    const int MaxAttempts = 5;              // محدودیت تلاش    
+    public async Task<VerifyOtpTokenResponseDto> Handle(VerifyOtpTokenCommand request, CancellationToken cancellationToken)
+    {
+        var mobile = request.Mobile.NormalizeIranMobile();
+        var purpose = request.Purpose?.ToLowerInvariant() ?? "signup";
+        var now = DateTime.Now;
+
+
+        var otp = await _context.OtpTokens
+            .Where(o => o.Mobile == mobile && o.Purpose == purpose && !o.IsUsed && o.ExpiresAt > now)
+            .OrderByDescending(o => o.Created)
+            .FirstOrDefaultAsync(cancellationToken);
+
+        if (otp is null) return new VerifyOtpTokenResponseDto() { Success = false, Message = "کد پیدا نشد یا منقضی شده است." };
+
+        if (otp.Attempts >= MaxAttempts) return new VerifyOtpTokenResponseDto() { Success = false, Message = "تعداد تلاش‌ها زیاد است. دوباره کد بگیرید." };
+
+        otp.Attempts++;
+
+        if (!VerifyHash(request.Code, otp.CodeHash))
+        {
+            await _context.SaveChangesAsync(cancellationToken);
+            return new VerifyOtpTokenResponseDto() { Success = false, Message = "کد نادرست است." };
+        }
+
+        // موفق
+        otp.IsUsed = true;
+
+        // کاربر را بساز/به‌روزرسانی کن
+        var user = await _context.Users.FirstOrDefaultAsync(u => u.Mobile == mobile, cancellationToken);
+        if (user is null)
+        {
+            user = new User
+            {
+                Mobile = mobile,
+                ReferralCode = UtilExtensions.Generate(digits: 10, firstDigitNonZero: true),
+                IsMobileVerified = true,
+                MobileVerifiedAt = now
+            };
+            await _context.Users.AddAsync(user, cancellationToken);
+            user.AddDomainEvent(new CreateNewUserEvent(user));
+            await _context.SaveChangesAsync(cancellationToken);
+        }
+        else
+        {
+            user.IsMobileVerified = true;
+            user.MobileVerifiedAt ??= now;
+
+            _context.Users.Update(user);
+            user.AddDomainEvent(new UpdateUserEvent(user));
+            await _context.SaveChangesAsync(cancellationToken);
+        }
+
+        return new VerifyOtpTokenResponseDto()
+        {
+            Success = true,
+            Message = "اعتبارسنجی موفق."
+        };
+    }
+
+    private string Hash(string code)
+    {
+        // HMAC با secret اپ (نیازی به ذخیره salt جدا نیست)
+        var secret = _cfg["Otp:Secret"] ?? throw new InvalidOperationException("Otp:Secret not set");
+        using var h = new HMACSHA256(Encoding.UTF8.GetBytes(secret));
+        var hash = h.ComputeHash(Encoding.UTF8.GetBytes(code));
+        return Convert.ToHexString(hash);
+    }
+    private bool VerifyHash(string code, string hexHash) => Hash(code).Equals(hexHash, StringComparison.OrdinalIgnoreCase);
+
+}