private static string LocalizeArgument(Localizable localizable)
{
return(localizable?.Localize() ?? string.Empty);
}
public string Localize(string StringPath)
{
return(Localizable.Localize(StringPath));//_strings.SelectSingleNode("/hapStrings/" + StringPath.ToLower()).InnerText;
}
protected void login_Click(object sender, EventArgs e)
{
if (Cache.Get("hapBannedIps") == null)
{
HttpContext.Current.Cache.Insert("hapBannedIps", new List <Banned>());
}
List <Banned> bans = Cache.Get("hapBannedIps") as List <Banned>;
Cache.Remove("hapBannedIps");
if (bans.Count(b => b.Computer == Request.UserHostName && b.IPAddress == Request.UserHostAddress && b.UserAgent == Request.UserAgent) == 0)
{
bans.Add(new Banned {
Attempts = 0, Computer = Request.UserHostName, IPAddress = Request.UserHostAddress, IsBanned = false, UserAgent = Request.UserAgent
});
}
Banned ban = bans.Single(b => b.Computer == Request.UserHostName && b.IPAddress == Request.UserHostAddress && b.UserAgent == Request.UserAgent);
if (ban.IsBanned)
{
if (ban.BannedUntil.Value < DateTime.Now)
{
ban.IsBanned = false; ban.BannedUntil = null; ban.Attempts = 0; login.Visible = true;
}
else
{
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>Your IP Addresss has been banned from logging on until " + ban.BannedUntil.Value.ToShortTimeString() + "</div>";
login.Visible = false;
return;
}
}
string code;
ban.Attempts++;
try
{
UserAccountControl uac = HAP.AD.User.UserAccountControl(username.Text);
if ((uac & UserAccountControl.AccountDisabled) == UserAccountControl.AccountDisabled)
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"\nState: Disabled", System.Diagnostics.EventLogEntryType.Information, true);
HAP.Data.SQL.WebEvents.Log(DateTime.Now, "Disabled Logon", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>" + Localizable.Localize("ad/disabled") + "</div>";
return;
}
else if ((uac & UserAccountControl.PasswordExpired) == UserAccountControl.PasswordExpired)
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"\nState: Password Expired", System.Diagnostics.EventLogEntryType.Information, true);
HAP.Data.SQL.WebEvents.Log(DateTime.Now, "Expired Logon", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>" + Localizable.Localize("ad/passexpired") + "</div>";
return;
}
else if ((uac & UserAccountControl.Lockout) == UserAccountControl.Lockout)
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"\nState: Locked Out", System.Diagnostics.EventLogEntryType.Information, true);
HAP.Data.SQL.WebEvents.Log(DateTime.Now, "Lockedout Logon", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>" + Localizable.Localize("ad/lockedout") + "</div>";
return;
}
}
catch
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"\nState: Invalid", System.Diagnostics.EventLogEntryType.Error, true);
HAP.Data.SQL.WebEvents.Log(DateTime.Now, "Invalid User", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
}
if (oneusecode.Text.Length == 4 && IsValidCode(out code) && !ban.IsBanned && Membership.ValidateUser(username.Text.Trim(), HAP.AD.TokenGenerator.ConvertToPlain(code)))
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"Logon", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
FormsAuthentication.SetAuthCookie(username.Text, false);
HttpCookie tokenCookie = new HttpCookie("token", code);
tokenCookie.Domain = ((AuthenticationSection)WebConfigurationManager.GetWebApplicationSection("system.web/authentication")).Forms.Domain;
tokenCookie.Secure = true;
if (Request.Cookies["token"] == null)
{
Response.AppendCookie(tokenCookie);
}
else
{
Response.SetCookie(tokenCookie);
}
bans.Remove(ban);
Cache.Insert("hapBannedIps", bans);
FormsAuthentication.RedirectFromLoginPage(username.Text, false);
}
else if (Membership.ValidateUser(username.Text.Trim(), password.Text.Trim()) && !ban.IsBanned)
{
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nUsername: "******"Logon", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
FormsAuthentication.SetAuthCookie(username.Text, false);
HttpCookie tokenCookie = new HttpCookie("token", TokenGenerator.ConvertToToken(password.Text));
tokenCookie.Secure = true;
tokenCookie.Domain = ((AuthenticationSection)WebConfigurationManager.GetWebApplicationSection("system.web/authentication")).Forms.Domain;
if (Request.Cookies["token"] == null)
{
Response.AppendCookie(tokenCookie);
}
else
{
Response.SetCookie(tokenCookie);
}
bans.Remove(ban);
Cache.Insert("hapBannedIps", bans);
if (Request.QueryString["ReturnUrl"] == "OneUseCodes.aspx")
{
Response.Redirect("OneUseCodes.aspx?gencodes=1");
}
else
{
FormsAuthentication.RedirectFromLoginPage(username.Text, false);
}
}
else
{
if (ban.Attempts > (hapConfig.Current.AD.MaxLogonAttemps - 1))
{
ban.IsBanned = true;
ban.BannedUntil = DateTime.Now.AddMinutes(30);
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>Your IP Addresss has been banned from logging on until " + ban.BannedUntil.Value.ToShortTimeString() + "</div>";
login.Visible = false;
HAP.Web.Logging.EventViewer.Log("HAP+ Logon", "Home Access Plus+ Logon\n\nBanned logon Username: "******"Logon.Banned", username.Text, Request.UserHostAddress, Request.Browser.Platform, Request.Browser.Browser + " " + Request.Browser.Version, Request.UserHostName, Request.UserAgent);
}
else
{
login.Visible = true;
message.Text = "<div class=\"ui-state-error ui-corner-all\" style=\" padding: 5px 10px\"><span class=\"ui-icon ui-icon-alert\" style=\"float: left; margin-right: 5px;\"></span>Either your Username or Password was Incorrect or you do not have permission to access this site.</div>";
}
Cache.Insert("hapBannedIps", bans);
}
}
private async Task PublishErrorEventAsync(Localizable error)
{
await _publisher.PublishAsync(new UpdateStatusEvent(Target.EntryPoint, StatusType.Failed, error.Localize()));
}