Hi,
What I do is create a temporary login record with the required code and set the time - in a file that is used only for these temporary logins.
I send the code to the user either by sms to cell phone or by E mail to their registered address.
I then have them enter their login and capture that and look at the temporary login record for their name and they enter the required code. I make sure that it is the appropriate code and make sure that the elapsed time from initial record write is <= 10 min. If all OK, then log them in. If not, then ask them if they want to get another temporary code and write a new record to the temporary login file.....can track number of login attempts and lock out user if you want!
C_RST FILE,DRIVER('TOPSPEED'),NAME(rstname),PRE(CRT),CREATE
GUI_KEy KEY(CRT:guid),PRIMARY,NOCASE !guid key
ACT_KEY KEY(CRT:acct_ihid),DUP,NOCASE !on acct No
record RECORD
guid CSTRING(80)
tdate LONG
oprator CSTRING(20) !operator
statuscd BYTE
tmstamp LONG !time stamp
email_addr CSTRING(140) !e mail address
acct_ihid LONG
place_from CSTRING(20) !coming from AREG, PROVIDER, ADMINS, ACCTLOG
acct_path CSTRING(150) !path for acct
Login_name CSTRING(50) !this is the user login name
loginID SHORT !this is the login ID for this logon
other1 CSTRING(20)
other2 CSTRING(20)
END
END
Here is some code that I use if the user wants to reset their password - could be the same if they want a code...
Make_EMAIL ROUTINE
!message('making E mail')
If Access:C_RST.PrimeAutoInc() = Level:Benign
CRT:guid = st5.Random() ! 16 chars by default.
CRT:statuscd = 0 ! nothing done yet
CRT:tdate = TODAY()
CRT:oprator = 'LOGINACCT'
CRT:tmstamp = clock()
CRT:email_addr = p_web.GSV('userEmail') ! BAL:L_Email ! lookup
CRT:acct_ihid = p_web.GSV('userID') !loc:acct
CRT:place_from = 'WebLOGINACCT'
CRT:acct_path = GLO:currPath ! BAR:base_dir
CRT:Login_name = p_web.GSV('usrlogin') ! user name login name
CRT:loginID = p_web.GSV('userID')! acctlog IHID
CRT:other1 = 'TO BE SENT'
CRT:other2 =''!
CRT:person_name = p_web.GSV('usrname') ! this is their actual name
CRT:acct_type = p_web.GSV('LoginFrom') ! should be A or P
access:C_RST.Insert()
!do SEND_MAIL
!we need to start a new process to send E Mail on its own thread!!!!
start(SENDEMAIL,25000,CRT:guid) ! we send the IHID as a string so E Mail will send only this one
ELSE
! message('Could NOT add record to RESET Queue')
If Access:C_ERRS.PrimeAutoInc() = Level:Benign
CEE:Proc_name = 'APWEB'
CEE:Pt_account = ''
CEE:Bus_Acct = loc:acct
CEE:error_no = 30
CEE:err_msg = 'Could not write record to PW reset Q: ' & BAL:L_Email
CEE:err_level = 6
CEE:err_text = 'RESET PW ERROR write to file C_RST'
Access:C_ERRS.Insert()
! p_web.CloseFile(C_ERRS)
END ! If Access:C_ERRS.PrimeAutoInc() = Level:Benign
end ! If Access:C_RST.PrimeAutoInc
Hopefully that gives you some insight.
FWIW,
Ron Jolda