/// <summary>
/// Increment the registration failures of the anonymous user defined by the <paramref name="ipAddress"/>.
/// </summary>
/// <param name="ipAddress">The ip address to increment the registration failures of (string)</param>
/// <param name="maxTimeBeforeFailureReset">The time before their failures reset (TimeSpan)</param>
/// <param name="maxNumberOfTries">The max number of registration tries before they get locked (int)</param>
/// <returns>Task (bool) whether the funciton executed without exception</returns>
public async Task <bool> IncrementRegistrationFailuresAsync(string ipAddress, TimeSpan maxTimeBeforeFailureReset, int maxNumberOfTries)
{
IPAddressObject ip = await GetIPAddressInfoAsync(ipAddress).ConfigureAwait(false);
IPAddressRecord record;
// Need to check if the maxtime + lastTime is less than now.
// if it is then reset the failure
long lastRegFailTimestamp = ip.LastRegFailTimestamp;
long maxSeconds = TimeUtilityService.TimespanToSeconds(maxTimeBeforeFailureReset);
long currentUnix = TimeUtilityService.CurrentUnixTime();
bool reset = false;
// If the time has passed their max time before reset, reset their failures. Don't reset
// if they have no last registration fail timestamp.
if (lastRegFailTimestamp + maxSeconds < currentUnix && lastRegFailTimestamp != Constants.NoValueLong)
{
reset = true;
record = new IPAddressRecord(ipAddress, registrationFailures: 0);
await UpdateIPAsync(record).ConfigureAwait(false);
}
// Increment the user's login Failure count.
int updatedRegistrationFailures = reset ? 1 : ip.RegistrationFailures + 1;
// Lock the ip if they have reached the max number of tries.
// Update the last reg fail time.
if (updatedRegistrationFailures >= maxNumberOfTries)
{
record = new IPAddressRecord(ipAddress, timestampLocked: currentUnix, registrationFailures: updatedRegistrationFailures, lastRegFailTimestamp: currentUnix);
// Asynchronously notify the system admin if an ip address was locked during registration.
await SystemUtilityService.NotifySystemAdminAsync($"{ipAddress} was locked at {currentUnix}", Constants.SystemAdminEmailAddress).ConfigureAwait(false);
}
else
{
record = new IPAddressRecord(ipAddress, registrationFailures: updatedRegistrationFailures, lastRegFailTimestamp: currentUnix);
}
return(await UpdateIPAsync(record).ConfigureAwait(false));
}
/// <summary>
/// Asynchronously increment the login failures of a user and disables that user if he has
/// reached the <paramref name="maxNumberOfTries"/> parameter and his last login failure time
/// hs not exceeded the <paramref name="maxTimeBeforeFailureReset"/> parameter.
/// </summary>
/// <param name="username">Username of the user to increment</param>
/// <param name="maxTimeBeforeFailureReset">TimeSpan object to represent how long the before the login failure resets.</param>
/// <param name="maxNumberOfTries">The max number of tries a user can login before he is disabled.</param>
/// <returns>Returns true if the operation is successfull and false if it failed.</returns>
public async Task <bool> IncrementLoginFailuresAsync(string username, TimeSpan maxTimeBeforeFailureReset, int maxNumberOfTries)
{
UserObject user = await GetUserInfoAsync(username).ConfigureAwait(false);
UserRecord record;
// Need to check if the maxtime + lastTime is less than now.
// if it is then reset the failure
long lastLoginFailTimestamp = user.LastLoginFailTimestamp;
long maxSeconds = TimeUtilityService.TimespanToSeconds(maxTimeBeforeFailureReset);
long currentUnix = TimeUtilityService.CurrentUnixTime();
bool reset = false;
// If the time has passed their max time before reset, reset their failures. Don't reset if
// they have no last login fail timestamp.
if (lastLoginFailTimestamp + maxSeconds < currentUnix && lastLoginFailTimestamp != Constants.NoValueLong)
{
reset = true;
record = new UserRecord(username, loginFailures: 0);
await UpdateUserAsync(record).ConfigureAwait(false);
}
// Increment the user's login failure count.
int updatedLoginFailures = reset ? 1 : user.LogInFailures + 1;
// Disable the user if they have reached the max number of tries.
// Update the last login fail time.
if (updatedLoginFailures >= maxNumberOfTries)
{
record = new UserRecord(username, loginFailures: updatedLoginFailures, disabled: Constants.DisabledStatus, lastLoginFailTimestamp: currentUnix);
}
else
{
record = new UserRecord(username, loginFailures: updatedLoginFailures, lastLoginFailTimestamp: currentUnix);
}
await UpdateUserAsync(record).ConfigureAwait(false);
return(true);
}