Ejemplo n.º 1
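        /// <summary>
        /// Handles a login attempt: enforces an active account lockout, verifies the
        /// credentials, records failed attempts and signs the user in on success.
        /// </summary>
        /// <remarks>
        /// The lockout is checked BEFORE the password is verified. Previously the password
        /// was checked first and a locked account answered a correct password with a different
        /// message than a wrong one, so the lockout did not actually stop password guessing.
        /// </remarks>
        /// <param name="username">Login name submitted by the client (untrusted).</param>
        /// <param name="password">Password submitted by the client (untrusted).</param>
        /// <param name="rem">"Remember me" flag forwarded to <c>AddCookies</c>.</param>
        /// <returns>
        /// A redirect to Home/Index after a successful sign-in; otherwise the login view,
        /// with <c>ViewBag.msg</c> set when there is a message to show.
        /// </returns>
        public async Task<ActionResult> Login(string username, string password, bool rem)
        {
            if (username == null || password == null)
            {
                return View();
            }

            // Resolve the account first so the lockout state can gate the password check.
            string id = AppAuthentication.GetIdByUserName(username);
            var appUser = string.IsNullOrEmpty(id) ? null : await db.AppUsers.FindAsync(id);

            // "!= false" mirrors the original "Lockout == false" test, so it behaves the same
            // whether Lockout is declared bool or bool? (declaration not visible here).
            bool wasLocked = appUser != null && appUser.Lockout != false;

            // IsLuckoutFinished is defined outside this snippet; as in the original flow, a
            // true result is taken to mean the lock period is over.
            if (wasLocked && !await IsLuckoutFinished(appUser.LockTime, id))
            {
                // Refuse without evaluating the password: no credential oracle while locked,
                // and failed attempts made during the lock no longer extend it via logError.
                ViewBag.msg = "تم حظر هذا الحساب مؤقتا يرجي معاودة محاولة تسجيل الدخول بعد انقضاء مدة الحظر";
                return View();
            }

            if (!IsLoged(username, password))
            {
                // logError returns true when this failure caused the account to be locked.
                // NOTE(review): the username is echoed into the message; this relies on the
                // view HTML-encoding ViewBag.msg - confirm it is not rendered raw.
                if (await logError(username))
                {
                    ViewBag.msg = "نظرا لمحاولات التسجيل المتكررة والخاطئة تم اغلاق حساب " + username + " لمدة 12 ساعة";
                }

                return View();
            }

            if (appUser == null)
            {
                // Credentials accepted but no matching AppUsers row: same silent fall-through
                // to the login view as before.
                return View();
            }

            if (!wasLocked)
            {
                // Successful login on an unlocked account clears the failure counter. After
                // an expired lockout the counter is left untouched here, as it was before.
                appUser.ErrorLogCount = 0;
                db.AppUsers.Attach(appUser);
                db.Entry(appUser).Property(x => x.ErrorLogCount).IsModified = true;
                await db.SaveChangesAsync();
            }

            // NOTE(review): AddCookies is declared async void in this file, so it cannot be
            // awaited and a sign-in failure is not observable here; it should return Task and
            // be awaited. It also receives the plaintext password, which it stores as a claim.
            AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);

            return RedirectToAction("Index", "Home");
        }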
Ejemplo n.º 2
        /// <summary>
        /// Builds the claims identity for <paramref name="username"/> and signs the user in
        /// with the cookie authentication scheme.
        /// </summary>
        /// <param name="username">Value of the Name claim; also used to look up the NameIdentifier.</param>
        /// <param name="roleName">Value of the Role claim.</param>
        /// <param name="password">Stored verbatim in a custom "password" claim.</param>
        /// <param name="remember">
        /// True issues a persistent ticket expiring in 10 days; false issues a non-persistent
        /// ticket expiring in 30 minutes. Both allow refresh.
        /// </param>
        /// <remarks>
        /// NOTE(review): the plaintext password becomes part of the identity that is handed to
        /// SignInAsync, so it lives wherever the authentication ticket lives (normally the
        /// cookie) for up to 10 days. Nothing in this snippet reads that claim; confirm no
        /// consumer needs it and drop it.
        /// NOTE(review): <c>async void</c> means callers cannot await the sign-in and an
        /// exception thrown here is not observable by them; returning Task is the usual fix.
        /// NOTE(review): this is a public method that performs a sign-in from its arguments
        /// alone. If the enclosing class is an MVC controller (not visible here), confirm
        /// routing cannot reach it as an action - make it private or mark it [NonAction].
        /// </remarks>
        public async void AddCookies(string username, string roleName, string password, bool remember)
        {
            var identity = new ClaimsIdentity(
                new List<Claim>
                {
                    new Claim(ClaimTypes.Name, username),
                    new Claim(ClaimTypes.NameIdentifier, AppAuthentication.GetIdByUserName(username)),
                    new Claim(ClaimTypes.Role, roleName),
                    new Claim("password", password),
                    new Claim(ClaimTypes.IsPersistent, remember.ToString())
                },
                CookieAuthenticationDefaults.AuthenticationScheme);

            // The two original branches differed only in the ticket lifetime.
            DateTime expiresAt = remember
                ? DateTime.UtcNow.AddDays(10)
                : DateTime.UtcNow.AddMinutes(30);

            var signInOptions = new AuthenticationProperties
            {
                AllowRefresh = true,
                IsPersistent = remember,
                ExpiresUtc = expiresAt
            };

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                new ClaimsPrincipal(identity),
                signInOptions);
        }
Ejemplo n.º 3
        /// <summary>
        /// Records one failed login attempt for <paramref name="username"/> and locks the
        /// account for 12 hours once the failure counter reaches 5.
        /// </summary>
        /// <param name="username">Login name whose failure counter is incremented.</param>
        /// <returns>
        /// True when this call locked the account; false when the attempt was only counted
        /// or when no matching user was found.
        /// </returns>
        /// <remarks>
        /// Below the threshold this sets <c>ViewBag.msg</c> to the "attempt N of 5" text.
        /// NOTE(review): that message is produced only for usernames that exist, so the
        /// response tells a caller whether an account name is valid.
        /// NOTE(review): every call at or above the threshold sets LockTime to now + 12 hours,
        /// so repeated failures keep moving the unlock time forward.
        /// NOTE(review): this is a public method; if the enclosing class is an MVC controller
        /// (not visible here), confirm routing cannot reach it as an action.
        /// </remarks>
        public async Task<bool> logError(string username)
        {
            string userId = AppAuthentication.GetIdByUserName(username);
            if (string.IsNullOrEmpty(userId))
            {
                return false;
            }

            var account = await db.AppUsers.FindAsync(userId);
            if (account == null)
            {
                return false;
            }

            account.ErrorLogCount += 1;
            int failedAttempts = account.ErrorLogCount;

            if (failedAttempts < 5)
            {
                db.AppUsers.Attach(account);
                await db.SaveChangesAsync();

                ViewBag.msg = "بيانات الدخول غير صحيحة !!!" + "\r\n" + "لديك ( " + failedAttempts + " ) محاولة تسجيل دخول خاطئة من عدد " + "(5) محاولات";
                return false;
            }

            // Threshold reached: lock the account. The order of the tracking calls below is
            // kept exactly as in the original.
            db.AppUsers.Attach(account);

            // NOTE(review): the counter was already incremented above, so it goes up by two
            // on the locking attempt - confirm whether that is intended.
            account.ErrorLogCount += 1;

            // NOTE(review): local time (DateTime.Now), not UTC; whatever compares LockTime
            // must use the same clock - confirm before changing either side.
            account.LockTime = DateTime.Now.AddHours(12);
            account.Lockout = true;

            db.Entry(account).Property(u => u.Lockout).IsModified = true;
            db.Entry(account).Property(u => u.LockTime).IsModified = true;
            db.Entry(account).Property(u => u.ErrorLogCount).IsModified = true;
            await db.SaveChangesAsync();

            return true;
        }