I'm trying to use ASP.NET MVC implement the functionality of user retrieving his password once he forget it. This functionality uses SMS authenticating mechanism for verifying users who forget their password and the procedure of that functionality is listed as follows:
-
User type his username on a text input of the web page and click "submit" button.
-
The system checks the user in database with the input user name.
2.1 If the user is not found in database, the system will display a message that the given user name is not correct.
2.2 Otherwise the system will retrieve the phone number field of that user.
-
The system generates a 4-digits verifying code and send it to the mobile phone of that users by invoking external SMS Web Service.
-
The system displays a form and ask user to input the verifying code he get from his mobile phone and click "submit" button.
-
The system compares the input code with the correct code.
5.1 If the two codes is the same, the system will display the password of that user.
5.2 Otherwise, the system will display a message that the given code is incorrect.
When implementing it, step 1 to 3 is relatively OK to me, but from step 4 on, I don't know what's a good way to make it. To be specific, I can come up with three questions so far:
- How could the system handle step 4? Should the controller redirect to a different page for retrieving the input of verifying code? Or everything just need to be put on one single page and the controller just reload it?
- Where should I store the verifying code and password after step 3? The Model, Controller or View?
- Which part should handle the code validation logic at Step 5?
Aucun commentaire:
Enregistrer un commentaire