How to implement _javascript technique based on JavaScript SMS verification Code

We use mobile, telecommunications and other operators online business hall, in order to ensure the integrity and correctness of the operation, often need to use the code of the text message. A similar function has been done recently because of the business needs of a particular province.

The principle is very simple, that is, when the user clicks "Get Authentication Code", Ajax gets a number of fixed digits, and then writes the database to send text messages, write cookies to set the validity of the verification code.

JS Request Verification code is as follows:

 $.ajax ({type: "Get", url: "...) /ajax/smsrandcodetest.ashx?phone= "+ phone.val () +" &smscoderand= "+ num, success:function (Result) {if (result = = Y ") {alert (" The verification code has been sent to the phone number you entered!)
Valid for 5 minutes ");
Remaintime (); else {alert ("Authentication code acquisition failed!")
Please retrieve ");
}, Error:function () {alert ("error");});
Gets the 6-bit random authentication code function random () {var num = "";
for (i = 0; i < 6; i++) {num = num + math.floor (math.random () *);
}//Validation code expiration Countdown function Remaintime () {var isecond; var ssecond = "", stime = ""; if (itime >= 0) {Isecond = parseint (itime%); if (isecond >= 0) {Ssecond = Itime + "SEC";} stime = "<span St Yle= ' color:darkorange;font-size:13px; '
> "+ ssecond + </span>"; if (itime = = 0) {cleartimeout (account); stime = "<span style= ' color:red;font-size:12px;"
> Verification Code has expired </span> ";
else {account = settimeout ("Remaintime ()", 1000);} itime = ITime-1;
$ ("#endtime"). HTML (stime); } 

The front-end to deal with the basic work as above, now to add logic in the HttpHandler, in order to prevent JS generated by the verification code irregularities, we regenerate at the back end:

if (Smscoderand. Length!= 6)//If the random code generated by JS does not match, generate random code
{
Smscoderand = Getrandom () in C #;
Write SMS data, send SMS
/write cookies, set the validity of the verification code, such as 5 minutes
/NOTE: If the above all processed successfully, return "Y", processing failure, return "N"

In order to facilitate this, verification code for the validity of the validation is done with cookies. When the business is submitted, it will get this cookie from the client to see if it exists, and if it does not exist, it must be expired. If subsequent business extensions may consider adding database validity validation and some other rules, such as limiting the number of code to be sent in one hour or one day (never allow you to send text messages indefinitely), and so on.

The above is a detailed description of how JavaScript SMS Verification code is implemented, and I hope it will help.