Ejemplo n.º 1
 /// <summary>
 /// Checks the submitted credentials against the membership provider registered
 /// under the name "ADMembershipProvider".
 /// </summary>
 /// <param name="model">Login form data; UserName and Password are handed to the provider unchanged.</param>
 /// <returns><c>true</c> when the provider accepts the credentials; otherwise <c>false</c>.</returns>
 /// <remarks>
 /// The provider lookup is not null-checked: if "ADMembershipProvider" is not configured,
 /// the call fails with a NullReferenceException instead of reporting a failed login.
 /// </remarks>
 public bool AuthenticateLDAP(LoginModel model)
 {
     var adProvider = Membership.Providers["ADMembershipProvider"];
     bool credentialsAccepted = adProvider.ValidateUser(model.UserName, model.Password);
     return credentialsAccepted;
 }
Ejemplo n.º 2
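        /// <summary>
        /// Processes the login form for accounts flagged as LDAP accounts and, on success,
        /// issues the forms-authentication cookie and redirects the user.
        /// </summary>
        /// <param name="model">Posted login form (user name, password, remember-me flag).</param>
        /// <param name="returnUrl">Caller-supplied post-login target; treated as untrusted input.</param>
        /// <returns>
        /// A redirect to <paramref name="returnUrl"/> when it is a safe local path, a redirect to
        /// Home/Index otherwise, or the login view again when validation or authentication fails.
        /// </returns>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            if (!this.ModelState.IsValid)
            {
                return this.View(model);
            }

            // Only accounts carrying the IsLDAPAccount flag are authenticated here. Unknown accounts,
            // non-LDAP accounts and wrong passwords all fall through to the same generic message,
            // so the response does not reveal which of the three applied.
            if (AccountRepos.GetIsLDAPAccount(model.UserName) && AuthenticateLDAP(model))
            {
                // Fix: issue the auth cookie BEFORE choosing the redirect target. Previously the
                // returnUrl branch returned first, so a user arriving with a valid returnUrl was
                // redirected without ever receiving a cookie and landed back on the login page.
                FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);

                // Open-redirect guard: accept only a rooted local path. The "//" and "/\" prefixes are
                // rejected explicitly because browsers treat them as protocol-relative (external) URLs.
                // Ordinal comparison keeps the prefix checks independent of the current culture.
                bool isSafeLocalTarget =
                    this.Url.IsLocalUrl(returnUrl)
                    && returnUrl.Length > 1
                    && returnUrl.StartsWith("/", System.StringComparison.Ordinal)
                    && !returnUrl.StartsWith("//", System.StringComparison.Ordinal)
                    && !returnUrl.StartsWith("/\\", System.StringComparison.Ordinal);

                if (isSafeLocalTarget)
                {
                    return this.Redirect(returnUrl);
                }

                return this.RedirectToAction("Index", "Home");
            }

            this.ModelState.AddModelError(string.Empty, "The user name or password provided is incorrect.");
            return this.View(model);
        }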
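        /// <summary>
        /// Processes the login form for locally managed accounts: checks that the account exists,
        /// is enabled and is confirmed, attempts the login, and records failed attempts so the
        /// account can be disabled once the configured limit is exceeded.
        /// </summary>
        /// <param name="model">Posted login form (user name, password, remember-me flag).</param>
        /// <returns>
        /// A redirect to Account/Dashboard on success; otherwise the login view with the
        /// validation errors collected in ModelState.
        /// </returns>
        public ActionResult Login(LoginModel model)
        {
            // NOTE(review): db is never used in this method; it is kept in case opening the
            // context is relied on elsewhere — confirm and remove if not.
            using (DocCommanderEntities db = new DocCommanderEntities())
            {
                // "MaxBadLogins" must be present and numeric; int.Parse throws otherwise, which
                // fails the request rather than silently running without a lockout threshold.
                // The AdminLoginOnlyAllowed (maintenance mode) setting is currently disabled:
                //bool AdminLoginOnlyAllowed = bool.Parse(System.Configuration.ConfigurationManager.AppSettings["AdminLoginOnlyAllowed"]);
                int maxBadLogins = int.Parse(System.Configuration.ConfigurationManager.AppSettings["MaxBadLogins"]);
                Account acc = AccountRepos.Get(model.UserName);

                if (acc == null)
                {
                    ModelState.AddModelError("", "Your username or password is not correct.");
                }
                else if (!(bool)acc.IsEnabled)
                {
                    // Fix: this check used to run even when acc was null, so an unknown user name
                    // raised a NullReferenceException. Besides the crash, the differing error
                    // response told a caller whether a user name exists.
                    // NOTE(review): this message is shown before the password is verified, so it
                    // also confirms that the account exists; consider the generic message instead.
                    ModelState.AddModelError("", "Your account is not enabled. Please contact your site administrator.");
                }

                //if(AdminLoginOnlyAllowed && !User.IsInRole("Admin"))
                    //ModelState.AddModelError("", "This website is being maintained. Normal service will resume shortly.");

                // acc is guaranteed non-null past this point: the null case added a model error above.
                if (ModelState.IsValid)
                {
                    if (WebSecurity.IsConfirmed(model.UserName))
                    {
                        if (WebSecurity.Login(acc.UserName, model.Password, persistCookie: model.RememberMe))
                        {
                            // Enable() is used here to reset the bad-login counter to 0.
                            AccountRepos.Enable(acc.UserName);
                            return RedirectToAction("Dashboard", "Account");
                        }

                        ModelState.AddModelError("", "Your username or password is not correct");
                        AccountRepos.AddBadLogin(model.UserName);

                        // NOTE(review): the result of RedirectToAction is discarded, so this line
                        // has no effect and no failed-login notification is sent. Call the
                        // notification code directly if the e-mail is required.
                        RedirectToAction("SendNotifyFailedLoginEmail", "Email", new { username = model.UserName });

                        // Lockout: a threshold of 0 or less disables it. The comparison is strict,
                        // so the account is disabled on attempt maxBadLogins + 1 — confirm intended.
                        if (maxBadLogins > 0 && AccountRepos.GetNumBadLogins(acc.AccountId) > maxBadLogins)
                        {
                            AccountRepos.Disable(acc.UserName);
                        }
                    }
                    else
                    {
                        // NOTE(review): returned before the password is verified, so it confirms
                        // that an unconfirmed account with this user name exists.
                        ModelState.AddModelError("", "Your account is not activated. Please Check Your email and activate your account.");
                    }
                }
            }

            return View(model);
        }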