private static void AddUserLog(ValidateUserLoginResult result, string username, string password, string enteredCaptcha, string serverSideCaptcha, string ip, string userAgent, string surferID)
{
int userID = 0;
password = ("").PadLeft(password.Length, '*');
string action = "";
if (result.LoginResult == Constants.Enumerators.LoginResult.UsernameInvalid)
action = string.Format("LOGIN FAILURE - USERNAME INVALID (U: {0}; P: {1})", username, password);
else if (result.LoginResult == Constants.Enumerators.LoginResult.NotApproved)
action = string.Format("LOGIN FAILURE - NOT APPROVED");
else if (result.LoginResult == Constants.Enumerators.LoginResult.LockedOut)
action = string.Format("LOGIN FAILURE - LOCKED OUT");
else if (result.LoginResult == Constants.Enumerators.LoginResult.PasswordInvalid)
action = string.Format("LOGIN FAILURE (P: {0})", password);
else if (result.LoginResult == Constants.Enumerators.LoginResult.CaptchaInvalid)
action = string.Format("LOGIN FAILURE - CAPTCHA INVALID (P: {0}; IN: {1}; EX: {2})", password, enteredCaptcha, serverSideCaptcha);
else if (result.LoginResult == Constants.Enumerators.LoginResult.Success)
action = "LOGIN SUCCESS";
else
action = string.Format("LOGIN FAILURE - UNKNOWN ERROR (P: {0})", password);
int userLogID = UserLogService.AddUserLog(result.AspnetUserID, userID, action, ip, userAgent, surferID);
}
public static ValidateUserLoginResult ValidateUserLogin(string userMembershipProviderName, string username, string password, string enteredCaptcha, string serverSideCaptcha, string ip, string userAgent, string surferID)
{
ValidateUserLoginResult result = new ValidateUserLoginResult();
if (!Helpers.IsValidEmail(username))
{
User user = UserService.GetUserByUsername(username);
if (user.UserID == 0)
result.LoginResult = Constants.Enumerators.LoginResult.UsernameInvalid;
else
username = user.Email;
}
if (result.LoginResult != Constants.Enumerators.LoginResult.UsernameInvalid)
{
// Get user by username
MembershipUser mu = Membership.Providers[userMembershipProviderName].GetUser(username, true);
if (mu != null)
{
result.AspnetUserID = (Guid)mu.ProviderUserKey;
result.Username = username;
}
if (mu == null)
{
// Invalid username
result.LoginResult = Constants.Enumerators.LoginResult.UsernameInvalid;
}
else if (!mu.IsApproved)
{
// User is not approved
result.LoginResult = Constants.Enumerators.LoginResult.NotApproved;
}
else if (mu.IsLockedOut)
{
// User is locked out
result.LoginResult = Constants.Enumerators.LoginResult.LockedOut;
}
else
{
// Check username and password and update failed attempts counts, etc.
if (!Membership.Providers[userMembershipProviderName].ValidateUser(username, password))
result.LoginResult = Constants.Enumerators.LoginResult.PasswordInvalid;
else
result.LoginResult = Constants.Enumerators.LoginResult.Success;
}
}
AddUserLog(result, username, password, enteredCaptcha, serverSideCaptcha, ip, userAgent, surferID);
return result;
}
