C# (CSharp) IPasswordBruteForceProtector.CheckAttemptAllowed Examples

Programming Language: C# (CSharp)

Class/Type: IPasswordBruteForceProtector

Method/Function: CheckAttemptAllowed

Examples at hotexamples.com: 2

C# (CSharp) IPasswordBruteForceProtector.CheckAttemptAllowed - 2 examples found. These are the top rated real world C# (CSharp) examples of IPasswordBruteForceProtector.CheckAttemptAllowed extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

AddFailAttempt(2)

CheckAttemptAllowed(2)

ClearAttemptsForIp(2)

Example #1

Show file

File: WebApiAuthenticationProvider.cs Project: shestakov/Overture

        public TUser SignIn(HttpResponseMessage response, string login, string password, bool rememberMe, string clientIpAddress)
        {
            if (!loginBruteForceProtector.CheckAttemptAllowed(clientIpAddress))
            {
                throw new IpBanException();
            }

            if (!passwordBruteForceProtector.CheckAttemptAllowed(login))
            {
                throw new LoginBanException();
            }

            AuthenticationResult <TUser> userAuthenticationResult;

            try
            {
                userAuthenticationResult = authenticationProvider.Authenticate(login, password);
            }
            catch (LoginNotFoundException)
            {
                loginBruteForceProtector.AddFailAttempt(clientIpAddress);
                passwordBruteForceProtector.AddFailAttempt(login);
                throw;
            }
            catch (WrongLoginPasswordException)
            {
                loginBruteForceProtector.AddFailAttempt(clientIpAddress);
                passwordBruteForceProtector.AddFailAttempt(login);
                throw;
            }

            loginBruteForceProtector.ClearAttemptsForIp(clientIpAddress);
            passwordBruteForceProtector.ClearAttemptsForIp(login);

            webApiAuthenticationCookieManager.SetTokenCookie(response, userAuthenticationResult.EncryptedBase64EncodedToken, rememberMe);

            log.Info($"User authenticated. login: {login}, userId: {userAuthenticationResult.User}");

            return(userAuthenticationResult.User);
        }

Example #2

Show file

        public void SignIn(HttpContextBase httpContext, string login, string password, bool rememberMe)
        {
            var ip = httpContext.Request.UserHostAddress;

            if (!loginBruteForceProtector.CheckAttemptAllowed(ip))
            {
                throw new IpBanException();
            }

            if (!passwordBruteForceProtector.CheckAttemptAllowed(login))
            {
                throw new LoginBanException();
            }

            AuthenticationResult <TUser> userAuthenticationResult;

            try
            {
                userAuthenticationResult = authenticationProvider.Authenticate(login, password);
            }
            catch (LoginNotFoundException)
            {
                loginBruteForceProtector.AddFailAttempt(ip);
                passwordBruteForceProtector.AddFailAttempt(login);
                throw;
            }
            catch (WrongLoginPasswordException)
            {
                loginBruteForceProtector.AddFailAttempt(ip);
                passwordBruteForceProtector.AddFailAttempt(login);
                throw;
            }

            loginBruteForceProtector.ClearAttemptsForIp(ip);
            passwordBruteForceProtector.ClearAttemptsForIp(login);

            authenticationCookieManager.SetTokenCookie(httpContext, userAuthenticationResult.EncryptedBase64EncodedToken, rememberMe);

            log.Info(string.Format("User authenticated. login: {0}, userId: {1}", login, userAuthenticationResult.User.UserId));
        }