protected override IPrincipal ValidateUser(string userName, string password)
{
var user = _userManager.FindByName(userName);
if (user == null)
{
return(null);
}
if (_userManager.IsLockedOut(user.Id))
{
return(null);
}
var result = _userManager.CheckPassword(user, password);
if (result)
{
_userManager.ResetAccessFailedCount(user.Id);
return(new ClaimsPrincipal(_userManager.CreateIdentity(user, "HTTP Basic")));
}
if (_userManager.SupportsUserLockout)
{
_userManager.AccessFailed(user.Id);
}
return(null);
}
public SignInStatus TwoFactorSignIn(string provider, string code, bool isPersistent, bool rememberBrowser)
{
var userId = GetVerifiedUserId();
if (userId == null)
{
return(SignInStatus.Failure);
}
var user = UserManager.FindById(userId);
if (user == null)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
if (UserManager.VerifyTwoFactorToken(user.Id, provider, code))
{
// When token is verified correctly, clear the access failed count used for lockout
UserManager.ResetAccessFailedCount(user.Id);
SignInAsync(user, isPersistent, rememberBrowser);
return(SignInStatus.Success);
}
// If the token is incorrect, record the failure which also may cause the user to be locked out
UserManager.AccessFailed(user.Id);
return(SignInStatus.Failure);
}
public ActionResult Reset([Bind(Include = "NewPassword,ConfirmPassword,Key,Token")] ResetViewModel model)
{
if (!ModelState.IsValid)
{
return(View(model));
}
var user = UserManager.FindById(model.Key);
if (user == null)
{
ModelState.AddModelError("", AuthResources.RequestMailNoUser);
return(View(model));
}
var result = UserManager.ResetPassword(user.Id, model.Token, model.NewPassword);
if (!result.Succeeded)
{
AddErrors(result);
return(View(model));
}
SignInLogModel log = new SignInLogModel();
log.ClientIp = GetClientIp();
log.UserModelId = user.Id;
log.UserCode = user.UserName;
log.SetStatus(2);
dbContext.SignInLogModels.Add(log);
dbContext.SaveChanges();
UserManager.ResetAccessFailedCount(user.Id);
return(View("ResetComplete"));
}
public async Task <ActionResult> Login(LoginViewModel details, string returnUrl)
{
AppUser user = await UserManager.FindAsync(details.Name, details.Password);
AppUser currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name);
if ((user == null) || (currUser != null && UserManager.IsLockedOut(currUser.Id)))
{
if (currUser != null)
{
currUser.LockoutEnabled = true;
if (UserManager.IsLockedOut(currUser.Id))
{
ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
UserManager.ResetAccessFailedCount(currUser.Id);
}
else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1)
{
currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1);
await UserManager.UpdateAsync(currUser);
UserManager.ResetAccessFailedCount(currUser.Id);
ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
}
else
{
UserManager.AccessFailed(currUser.Id);
ModelState.AddModelError("", $"Некорректный пароль осталось {UserManager.MaxFailedAccessAttemptsBeforeLockout - UserManager.GetAccessFailedCount(currUser.Id)} попытки.");
}
}
else
{
ModelState.AddModelError("", "Некорректное имя.");
}
}
else
{
ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user,
DefaultAuthenticationTypes.ApplicationCookie);
await UserManager.ResetAccessFailedCountAsync(user.Id);
AuthManager.SignOut();
AuthManager.SignIn(new AuthenticationProperties
{
IsPersistent = true
}, ident);
AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in");
if (!string.IsNullOrEmpty(returnUrl))
{
return(Redirect(returnUrl));
}
else
{
return(RedirectToActionPermanent("Index", "Home"));
}
}
return(View(details));
}
public ActionResult ReactivateUser(int id)
{
var user = context.Users.Find(id);
if (!_userService.CanEditUser(user))
{
TempData["Error"] = "You do not have permission to edit this user.";
return(RedirectToAction("Index"));
}
var code = KeyGenerator.GetUniqueKey(128);
var email = user.Email;
user.IsActive = true;
user.ResetCode = code;
user.ResetCodeExpiration = DateTime.UtcNow.AddHours(24);
_userManager.SetLockoutEndDate(user.Id, DateTimeOffset.UtcNow);
_userManager.ResetAccessFailedCount(user.Id);
string resetUrl = string.Format("https://" + Request.Url.Host + "/Account/ResetPassword?code={0}&email={1}", code, email);
string body = string.Format("Your account \"{1}\" has been reactivated. Please click <a href=\"{0}\">here</a> to reset your password. This link will expire in 24 hours.", resetUrl, user.UserName);
_emailService.Send(email, "Water Treatment Account Reactivated", body);
_userManager.Update(user);
TempData["CreateSuccess"] = string.Format("Successfully reactivated \"{0}\". The user was notified by email.", user.UserName);
return(RedirectToAction("Index"));
}
/// <summary>
/// Sign in the user in using the user name and password
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <param name="ipAddress"></param>
/// <param name="isPersistent"></param>
/// <param name="shouldLockout"></param>
/// <returns></returns>
public SignInStatus TronixPasswordSignIn(string userName, string password, string[] ipAddress, bool isPersistent = false, bool shouldLockout = false)
{
var user = UserManager?.FindByName(userName);
if (user == null)
{
return(SignInStatus.Failure);
}
if (user.Inactive)
{
return(SignInStatus.Failure);
}
if (UserManager.IsLockedOut(user.Id))
{
return(SignInStatus.LockedOut);
}
if (UserManager.CheckPassword(user, password))
{
UserManager.ResetAccessFailedCount(user.Id);
return(SignInOrTwoFactor(user, isPersistent, ipAddress));
}
if (!shouldLockout)
{
return(SignInStatus.Failure);
}
// If lockout is requested, increment access failed count which might lock out the user
UserManager.AccessFailed(user.Id);
return(UserManager.IsLockedOut(user.Id) ? SignInStatus.LockedOut : SignInStatus.Failure);
}
public void CanResetFailedAttempts()
{
var user = CreateBasicUser();
user.IncrementLoginFailureCount();
UserManager.Update(user);
UserManager.ResetAccessFailedCount(user.Id);
user = UserManager.FindById(user.Id);
user.FailedLoginAttempts.ShouldBe(0);
}
bool ValidLogin(Login login)
{
UserStore <IdentityUser> userStore = new UserStore <IdentityUser>();
UserManager <IdentityUser> userManager = new UserManager <IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 5
};
var user = userManager.FindByName(login.UserName);
if (user == null)
{
UserNoFound = true;
return(false);
}
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
{
Locked = true;
return(false);
}
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id))
{
if (userManager.SupportsUserLockout &&
userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else
{
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
PasswordIncorrent = true;
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return(false);
}
}
return(true);
}
private User UpdateDTOUser(User paramExpandedUserDTO)
{
ApplicationUser result =
UserManager.FindByName(paramExpandedUserDTO.UserName);
// If we could not find the user, throw an exception
if (result == null)
{
ModelState.AddModelError("", "Could not find the User");
return(paramExpandedUserDTO);
}
result.Email = paramExpandedUserDTO.Email;
// Lets check if the account needs to be unlocked
if (UserManager.IsLockedOut(result.Id))
{
// Unlock user attempts and set lockoutdate back into the past
UserManager.ResetAccessFailedCount(result.Id);
UserManager.SetLockoutEndDate(result.Id, DateTime.Now);
}
log.Info("Updating user " + paramExpandedUserDTO.UserName);
UserManager.Update(result);
// Was a password sent across?
if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password))
{
// Remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
// Add new password
var AddPassword =
UserManager.AddPassword(
result.Id,
paramExpandedUserDTO.Password
);
log.Info(string.Format("Updated password {0}, errors: {1}", paramExpandedUserDTO.UserName, string.Join(", ", AddPassword.Errors)));
foreach (var error in AddPassword.Errors)
{
ModelState.AddModelError("Password", PasswordValidatorCodes.GetLocalizedMessageForCode(error));
}
}
}
return(paramExpandedUserDTO);
}
private ExtendedUserCustom UpdateUser(ExtendedUserCustom extUser)
{
var result = UserManager.FindByEmail(extUser.Email);
//not found
if (result == null)
{
throw new Exception("User not found.");
}
result.Email = extUser.Email.Trim();
result.FullName = extUser.FullName.Trim();
result.GroupId = extUser.GroupId;
result.MonthIntake = extUser.MonthIntake;
result.YearIntake = extUser.YearIntake;
//is account locked? unlock it
if (UserManager.IsLockedOut(result.Id))
{
UserManager.ResetAccessFailedCount(result.Id);
}
UserManager.Update(result);
//was a password sent across?
if (!string.IsNullOrEmpty(extUser.Password))
{
//remove current password
var removePassword = UserManager.RemovePassword(result.Id);
if (removePassword.Succeeded)
{
//add new password
var AddPassword = UserManager.AddPassword(
result.Id,
extUser.Password
);
if (AddPassword.Errors.Count() > 0)
{
throw new Exception(AddPassword.Errors.FirstOrDefault());
}
}
}
return(extUser);
}
public virtual async Task <AuthenticateResult> AuthenticateLocalAsync(string username, string password, SignInMessage message = null)
{
if (!userManager.SupportsUserPassword)
{
return(null);
}
var user = await FindUserAsync(username);
if (user == null)
{
return(null);
}
if (userManager.SupportsUserLockout &&
await userManager.IsLockedOutAsync(user.Id))
{
return(null);
}
if (await userManager.CheckPasswordAsync(user, password))
{
if (userManager.SupportsUserLockout)
{
userManager.ResetAccessFailedCount(user.Id);
}
var result = await PostAuthenticateLocalAsync(user, message);
if (result != null)
{
return(result);
}
var claims = await GetClaimsForAuthenticateResult(user);
return(new AuthenticateResult(user.Id.ToString(), await GetDisplayNameForAccountAsync(user.Id), claims));
}
else if (userManager.SupportsUserLockout)
{
await userManager.AccessFailedAsync(user.Id);
}
return(null);
}
//public void DeleteRole(string roleId)
//{
// var roleUsers = _db.Users.Where(u => u.Roles.Any(r => r.RoleId == roleId));
// var role = _db.Roles.Find(roleId);
// foreach (var user in roleUsers)
// {
// this.RemoveFromRole(user.Id, role.Name);
// }
// _db.Roles.Remove(role);
// _db.SaveChanges();
//}
protected void LogIn(object sender, EventArgs e)
{
if (IsValid)
{
// Validate the user password
var manager = new UserManager();
ApplicationUser user = manager.Find(UserName.Text, Password.Text);
if (user != null)
{
bool x = manager.IsLockedOut(user.Id);
if (x)
{
usrststr.WriteStat(user.Id, "User is blocked");
FailureText.Text = "User is blocked";
ErrorMessage.Visible = true;
}
else
{
manager.ResetAccessFailedCount(user.Id);
//IdentityHelper.SignIn(manager, user, RememberMe.Checked);
IdentityHelper.SignIn(manager, user, false);
// begin statistica
usrststr.WriteStat(user.Id, "Login");
// end statistica
IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
}
}
else
{
var r = manager.FindByName(UserName.Text);
if (r != null)
{
usrststr.WriteStat(r.Id, "Invalid password.");
FailureText.Text = "Invalid password.";
ErrorMessage.Visible = true;
if (manager.IsLockedOut(r.Id))
{
}
else
{
if (manager.IsInRole(r.Id, "Administrator") == true)
{
}
else
{
var z = manager.SetLockoutEnabled(r.Id, true);
manager.AccessFailed(r.Id);
}
usrststr.WriteStat(r.Id, "Access denied.");
}
}
else
{
FailureText.Text = "Invalid username.";
ErrorMessage.Visible = true;
}
}
}
}
bool ValidLogin(Login login)
{
UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 3
};
var user = userManager.FindByName(login.UserName);
if (user == null)
return false;
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
return false;
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password)
&& userManager.IsEmailConfirmed(user.Id))
{
if (userManager.SupportsUserLockout
&& userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else {
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return false;
}
}
return true;
}
//public IEnumerable<SelectListItem> ReadRoles()
//{
// IList<SelectListItem> result = new List<SelectListItem>
// {
// new SelectListItem
// {
// Text = RoleType.Company.GetEnumDescription(),
// Value = RoleType.Company.ToString()
// },
// new SelectListItem
// {
// Text = RoleType.Supervise.GetEnumDescription(),
// Value = RoleType.Supervise.ToString()
// },
// new SelectListItem
// {
// Text = RoleType.Guidance.GetEnumDescription(),
// Value = RoleType.Guidance.ToString()
// }
// };
// return result;
//}
public bool?Update(UserManager <ApplicationUser> userManager, string key, UserViewModel model)
{
bool allSuccess = true;
var user = userManager.Users.Where(u => u.Id == key).SingleOrDefault();
if (user == null)
{
return(null);
}
// Role
if (!string.IsNullOrEmpty(model.Role.Value))
{
if (!userManager.IsInRole(key, model.Role.Value))
{
var roles = userManager.GetRoles(key).ToArray();
IdentityResult result = userManager.RemoveFromRoles(key, roles);
if (result.Succeeded)
{
result = userManager.AddToRole(key, model.Role.Value);
}
allSuccess &= result.Succeeded;
}
}
// Consultant
//if (!string.IsNullOrEmpty(model.Consultant.Value))
//{
// var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault();
// if (customer == null)
// return null;
// customer.ConsultantId = model.Consultant.Value;
// try
// {
// this.DbContext.SaveChanges();
// }
// catch
// {
// allSuccess = false;
// }
//}
var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault();
if (customer == null)
{
return(null);
}
customer.ConsultantId = model.Consultant.Value;
try
{
this.DbContext.SaveChanges();
}
catch
{
allSuccess = false;
}
// LockedOut
if (userManager.IsLockedOut(key) != model.LockedOut)
{
IdentityResult result;
if (model.LockedOut)
{
result = userManager.SetLockoutEnabled(key, true);
if (result.Succeeded)
{
result = userManager.SetLockoutEndDate(key, DateTimeOffset.MaxValue);
}
}
else
{
result = userManager.SetLockoutEnabled(key, false);
if (result.Succeeded)
{
result = userManager.ResetAccessFailedCount(key);
}
}
allSuccess &= result.Succeeded;
}
return(allSuccess);
}
bool ValidLogin(Login login)
{
UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
{
UserLockoutEnabledByDefault = true,
DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
MaxFailedAccessAttemptsBeforeLockout = 3
};
var user = userManager.FindByName(login.UserName);
if (user == null)
return false;
// User is locked out.
if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
{
return false;
}
// Validated user was locked out but now can be reset.
if (userManager.CheckPassword(user, login.Password))
{
if (userManager.SupportsUserLockout
&& userManager.GetAccessFailedCount(user.Id) > 0)
{
userManager.ResetAccessFailedCount(user.Id);
}
}
// Login is invalid so increment failed attempts.
else {
bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
{
userManager.AccessFailed(user.Id);
return false;
}
CaptchaHelper captchaHelper = new CaptchaHelper();
string captchaResponse = captchaHelper.CheckRecaptcha();
if (captchaResponse != "Valid")
{
ViewBag.ErrorResponse = "The captcha must be valid";
}
}
return true;
}
protected void BtnIniciar_Click1(object sender, EventArgs e)
{
var userStore = new UserStore<IdentityUser>();
var userManager = new UserManager<IdentityUser>(userStore);
//var user = userManager.Find(UserName.Text, Password.Text);
var user = userManager.FindByName(UserName.Text);
if (user != null)
{
var validCredentials = userManager.Find(UserName.Text, Password.Text);
if (userManager.IsLockedOut(user.Id))
{
ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()));
StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
}
else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null)
{
userManager.AccessFailed(user.Id);
string message;
if (userManager.IsLockedOut(user.Id))
{
message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
StatusText.Text = message;
}
else
{
int accessFailedCount = userManager.GetAccessFailedCount(user.Id);
int attemptsLeft =
Convert.ToInt32(
ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) -
accessFailedCount;
message = string.Format(
"Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
StatusText.Text = message;
}
ModelState.AddModelError("", message);
}
else if (validCredentials == null)
{
ModelState.AddModelError("", "Invalid credentials. Please try again.");
StatusText.Text = "Invalid credentials. Please try again.";
}
else
{
var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
userManager.ResetAccessFailedCount(user.Id);
string vig = DateTime.Now.Year.ToString();
SetCookieUser(UserName.Text, vig);
string url = Request.QueryString["ReturnUrl"];
if (url == "" || url == null)
{
gesMenuAdapter mg = new gesMenuAdapter();
List<dataTree> l = mg.getOpciones("INICI", UserName.Text);
if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null)
{
SetCookieRol("administrador");
url = "/Inicio/Administrativo/Inicio.aspx";
}
else
{
if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null)
{
SetCookieRol("acudiente");
url = "/Inicio/Acudientes/Inicio.aspx";
}
}
}
IdentityHelper.RedirectToReturnUrl(url, Response);
}
}
else
{
StatusText.Text = "Invalid username or password.";
}
}
