bool ValidLogin(Login login)
        {
            UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
            UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            };
            var user = userManager.FindByName(login.UserName);

            if (user == null)
                return false;

            // User is locked out. 
            if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                return false;

            // Validated user was locked out but now can be reset. 
            if (userManager.CheckPassword(user, login.Password)
                    && userManager.IsEmailConfirmed(user.Id))
            {
                if (userManager.SupportsUserLockout
                 && userManager.GetAccessFailedCount(user.Id) > 0)
                {
                    userManager.ResetAccessFailedCount(user.Id);
                }
            }
            // Login is invalid so increment failed attempts. 
            else {
                bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                    return false;
                }
            }
            return true;
        }
 public void LockoutAccount()
 {
     var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session));
     userManager.MaxFailedAccessAttemptsBeforeLockout = 3;
     userManager.UserLockoutEnabledByDefault = true;
     userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0);
     userManager.Create(new ApplicationUser() { UserName = "test", LockoutEnabled = true }, "Welcome");
     var user = userManager.Find("test", "Welcome");
     Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id));
     userManager.AccessFailed(user.Id);
     Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id));
     userManager.AccessFailed(user.Id);
     Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id));
     userManager.AccessFailed(user.Id);
     Assert.IsTrue(userManager.IsLockedOut(user.Id));
 }
        bool ValidLogin(Login login)
        {
            UserStore<IdentityUser> userStore = new UserStore<IdentityUser>();
            UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            };
            var user = userManager.FindByName(login.UserName);

            if (user == null)
                return false;

            // User is locked out.
            if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
            {
                return false;
            }

            // Validated user was locked out but now can be reset.
            if (userManager.CheckPassword(user, login.Password))
            {
                if (userManager.SupportsUserLockout
                 && userManager.GetAccessFailedCount(user.Id) > 0)
                {
                    userManager.ResetAccessFailedCount(user.Id);
                }
            }

            // Login is invalid so increment failed attempts.
            else {
                bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id);
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                    return false;
                }
                CaptchaHelper captchaHelper = new CaptchaHelper();
                string captchaResponse = captchaHelper.CheckRecaptcha();
                if (captchaResponse != "Valid")
                {
                    ViewBag.ErrorResponse = "The captcha must be valid";

                }
            }
            return true;
        }
Example #4
0
        protected void BtnIniciar_Click1(object sender, EventArgs e)
        {
            var userStore = new UserStore<IdentityUser>();
            var userManager = new UserManager<IdentityUser>(userStore);
            //var user = userManager.Find(UserName.Text, Password.Text);

            var user = userManager.FindByName(UserName.Text);

            if (user != null)
            {
                var validCredentials = userManager.Find(UserName.Text, Password.Text);

                if (userManager.IsLockedOut(user.Id))
                {
                    ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()));
                    StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
                }
                else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null)
                {
                    userManager.AccessFailed(user.Id);
                    string message;
                    if (userManager.IsLockedOut(user.Id))
                    {
                        message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
                        StatusText.Text = message;
                    }
                    else
                    {
                        int accessFailedCount = userManager.GetAccessFailedCount(user.Id);
                        int attemptsLeft =
                            Convert.ToInt32(
                                ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) -
                            accessFailedCount;
                        message = string.Format(
                            "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
                        StatusText.Text = message;
                    }

                    ModelState.AddModelError("", message);
                }
                else if (validCredentials == null)
                {
                    ModelState.AddModelError("", "Invalid credentials. Please try again.");
                    StatusText.Text = "Invalid credentials. Please try again.";
                }
                else
                {

                    var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
                    var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

                    authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
                    userManager.ResetAccessFailedCount(user.Id);

                    string vig = DateTime.Now.Year.ToString();
                    SetCookieUser(UserName.Text, vig);

                    string url = Request.QueryString["ReturnUrl"];
                    if (url == "" || url == null)
                    {
                        gesMenuAdapter mg = new gesMenuAdapter();
                        List<dataTree> l = mg.getOpciones("INICI", UserName.Text);
                        if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null)
                        {
                            SetCookieRol("administrador");
                            url = "/Inicio/Administrativo/Inicio.aspx";
                        }
                        else
                        {
                            if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null)
                            {
                                SetCookieRol("acudiente");
                                url = "/Inicio/Acudientes/Inicio.aspx";
                            }
                        }
                    }
                    IdentityHelper.RedirectToReturnUrl(url, Response);
                }

            }
            else
            {
                StatusText.Text = "Invalid username or password.";
            }
        }