Beispiel #1
        /// <summary>
        /// Signs the current user out of the application cookie, writes a LogOut audit
        /// record when both a user id and a client IP are available, and returns to Home/Index.
        /// </summary>
        /// <returns>A redirect to the Index action of the Home controller.</returns>
        /// <remarks>
        /// NOTE(review): only DefaultAuthenticationTypes.ApplicationCookie is signed out here. The Login
        /// action shown on this page also calls FormsAuthentication.SetAuthCookie; if forms authentication
        /// is active in this application, that ticket presumably survives this sign-out - confirm and clear it as well.
        /// NOTE(review): the attributes on this action are not visible in this excerpt; confirm it is
        /// POST-only and protected by an anti-forgery token.
        /// </remarks>
        public ActionResult LogOff()
        {
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);

            // The request principal is read after SignOut was requested; the audit below
            // relies on it still carrying the id of the user who is leaving.
            string signedOutUserId = HttpContext.GetOwinContext().Request.User.Identity.GetUserId();

            if (!string.IsNullOrEmpty(signedOutUserId))
            {
                var clientIp = GenericHelpers.GetUserIPAddress();

                // No audit row is written when the client IP cannot be determined.
                // NOTE(review): that leaves a gap in the logout trail - confirm this is intended.
                LoginAudits logoutEvent = string.IsNullOrEmpty(clientIp)
                    ? null
                    : LoginAudits.CreateAuditEvent(Guid.NewGuid().ToString(), signedOutUserId, en_LoginAuditEventType.LogOut, clientIp);

                if (logoutEvent != null)
                {
                    // The value returned by Insert is not inspected, so a failed audit write goes unnoticed.
                    _loginAuditRepository.Insert(logoutEvent);
                }
            }

            return RedirectToAction("Index", "Home");
        }
Beispiel #2
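        /// <summary>
        /// Handles the login form post: verifies the credentials, applies the account-state gates
        /// (unconfirmed e-mail, two-factor, lockout flag), signs the user in and writes login audit records.
        /// </summary>
        /// <param name="model">Posted login form; Email, Password and RememberMe are read.</param>
        /// <param name="returnUrl">Target to return to after a successful sign-in; handed to RedirectToLocal.</param>
        /// <returns>The login view with model errors, the "Lockout" view, or a redirect.</returns>
        /// <remarks>
        /// NOTE(review): wrong passwords are rejected by CheckPasswordAsync, which does not count failed
        /// attempts, and PasswordSignInAsync is only reached once the password is already known to be
        /// correct (and with shouldLockout: false). Nothing in this action therefore throttles password
        /// guessing. Consider letting the sign-in manager verify the password with shouldLockout: true, or
        /// calling UserManager.AccessFailedAsync / IsLockedOutAsync around the manual check.
        /// NOTE(review): in ASP.NET Identity, LockoutEnabled means lockout may be applied to the user, not
        /// that the user is currently locked out (IsLockedOutAsync reports that). This action treats the flag
        /// as "account locked"; confirm that is the intended convention before changing it.
        /// NOTE(review): failed attempts for unknown user names are not audited (the audit record needs a
        /// user id), and the IP-guarded audit writes are skipped when no client IP is available.
        /// NOTE(review): if GenericHelpers.GetUserIPAddress reads a client-supplied header, the audited
        /// address is only as trustworthy as the proxy chain in front of the application - confirm.
        /// NOTE(review): the attributes on this action are not visible in this excerpt; confirm it is
        /// POST-only and protected by an anti-forgery token.
        /// </remarks>
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var user = await UserManager.FindByNameAsync(model.Email);

            // Called even when no user was found, exactly as before; the result is only trusted together with user != null.
            var passwordOk = await UserManager.CheckPasswordAsync(user, model.Password);

            if (user == null || !passwordOk)
            {
                // Same message for an unknown user and for a wrong password.
                ModelState.AddModelError("", "Invalid Email or Username.");
                if (user != null)
                {
                    // Unlike the other audit writes in this action, this one is attempted even when the IP is empty.
                    var failedIp = GenericHelpers.GetUserIPAddress();
                    LoginAudits failedRecord = LoginAudits.CreateAuditEvent(Guid.NewGuid().ToString(), user.Id, en_LoginAuditEventType.FailedLogin, failedIp);
                    if (failedRecord != null)
                    {
                        _loginAuditRepository.Insert(failedRecord);
                    }
                }
                return View(model);
            }

            // From here on the user exists and the password matched.
            if (!user.EmailConfirmed)
            {
                ModelState.AddModelError("", "Please confirm your email address to process.");
                return View(model);
            }

            if (user.TwoFactorEnabled)
            {
                // NOTE(review): this redirect happens before PasswordSignInAsync runs; verify that SendCode
                // can identify the user without the state the sign-in manager would normally set up.
                return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            }

            if (user.LockoutEnabled)
            {
                ModelState.AddModelError("", "User account locked out.");
                return View("Lockout");
            }

            // shouldLockout: false means a failure here is not counted towards account lockout.
            var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);

            switch (result)
            {
                case SignInStatus.Success:
                    // Fix: the forms-authentication ticket used to be persistent unconditionally, ignoring
                    // the user's RememberMe choice; it now follows the same flag as the sign-in above.
                    FormsAuthentication.SetAuthCookie(user.UserName, model.RememberMe);
                    _loginCountRepo.CountUserLogin(user.Id.ToString());

                    var successIp = GenericHelpers.GetUserIPAddress();
                    if (!string.IsNullOrEmpty(successIp))
                    {
                        LoginAudits successRecord = LoginAudits.CreateAuditEvent(Guid.NewGuid().ToString(), user.Id, en_LoginAuditEventType.Login, successIp);
                        if (successRecord != null)
                        {
                            // The value returned by Insert is not inspected, so a failed audit write goes unnoticed.
                            _loginAuditRepository.Insert(successRecord);
                        }
                    }

                    // NOTE(review): RedirectToLocal is defined outside this excerpt; confirm it rejects non-local URLs.
                    return RedirectToLocal(returnUrl, user.Id.ToString());

                case SignInStatus.LockedOut:
                    var lockedIp = GenericHelpers.GetUserIPAddress();
                    if (!string.IsNullOrEmpty(lockedIp))
                    {
                        LoginAudits lockedRecord = LoginAudits.CreateAuditEvent(Guid.NewGuid().ToString(), user.Id, en_LoginAuditEventType.AccountLockedOut, lockedIp);
                        if (lockedRecord != null)
                        {
                            _loginAuditRepository.Insert(lockedRecord);
                        }
                    }
                    return View("Lockout");

                case SignInStatus.RequiresVerification:
                    return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });

                case SignInStatus.Failure:
                default:
                    ModelState.AddModelError("", "Invalid login attempt.");
                    var rejectedIp = GenericHelpers.GetUserIPAddress();
                    if (!string.IsNullOrEmpty(rejectedIp))
                    {
                        LoginAudits rejectedRecord = LoginAudits.CreateAuditEvent(Guid.NewGuid().ToString(), user.Id, en_LoginAuditEventType.FailedLogin, rejectedIp);
                        if (rejectedRecord != null)
                        {
                            _loginAuditRepository.Insert(rejectedRecord);
                        }
                    }
                    return View(model);
            }
        }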