Ejemplo n.º 1
0
        public void CheckLock_NotLocked()
        {
            //Arrange
            var account = _userAccountService.FindByUserName("admin");

            //Act
            var isLocked = _userAccountService.CheckLock(account);

            //Assert
            Assert.That(isLocked, Is.False);
        }
Ejemplo n.º 2
0
        public ActionResult Login(UserAccountViewModel user, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(user));
            }

            //Check if registered
            if (_userAccountService.IsRegistered(user.UserName))
            {
                var userAccount = _userAccountService.FindByUserName(user.UserName);

                //Check if account is locked
                if (!_userAccountService.CheckLock(userAccount))
                {
                    var validCredentials = _userAccountService.ValidateCredentials(user.UserName, user.Password);

                    //Check if the authentication failed
                    if (validCredentials == null)
                    {
                        return(new HttpStatusCodeResult(HttpStatusCode.InternalServerError, Strings.AuthenticationError));
                    }

                    //Check credentials, if correct, redirect to home page
                    if (validCredentials == true)
                    {
                        //Send the user and request info to the service to store login info
                        var requestInfo = Request.HostAddress() + " - " + Request.UserAgent;
                        userAccount = _userAccountService.LoginSuccessful(userAccount, requestInfo);

                        //Create identity for the logged account
                        var identity = new ClaimsIdentity(new[]
                        {
                            new Claim(ClaimTypes.NameIdentifier, userAccount.Id.ToString()),
                            new Claim(ClaimTypes.Name, userAccount.UserName)
                        }, DefaultAuthenticationTypes.ApplicationCookie);

                        //Set role depending on account permissions
                        identity.AddClaim(userAccount.IsAdmin
                            ? new Claim(ClaimTypes.Role, "Admin")
                            : new Claim(ClaimTypes.Role, "User"));

                        //Sign in and log the operation
                        _authenticationManager.SignIn(identity);
                        _userAccountService.Log(OperationType.Login, userAccount.Id, data: "Addr: " + Request.HostAddress());

                        if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/") &&
                            !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
                        {
                            return(Redirect(returnUrl));
                        }

                        return(RedirectToAction("Index", "Home"));
                    }

                    ModelState.AddModelError(string.Empty, Strings.LoginError);
                }

                var wasLocked = userAccount.IsLocked;

                //Account is locked or incorrect credentials provided,
                //register a failed login attempt
                userAccount = _userAccountService.LoginFailed(userAccount);

                //Log if the account has been locked
                if (!wasLocked && userAccount.IsLocked)
                {
                    _userAccountService.Log(OperationType.AccountLocked, userAccount.Id);
                }

                //If account is not yet locked, exit
                if (!userAccount.IsLocked)
                {
                    return(View(user));
                }

                if (userAccount.UnlockDate == null)
                {
                    //Locked indefinitely
                    ModelState.AddModelError(string.Empty, Strings.LoginLockedPerm);
                }
                else
                {
                    //Locked temporarily
                    var lockMessage = Strings.LoginLocked + userAccount.UnlockDate;

                    //After initial lock, alert the user of further failed attempts
                    if (userAccount.FailedLoginAttempts > 3)
                    {
                        lockMessage += Strings.LoginLocked2;
                    }

                    ModelState.AddModelError(string.Empty, lockMessage);
                }
            }
            else
            {
                ModelState.AddModelError(string.Empty, Strings.LoginError);
            }

            return(View(user));
        }