bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new System.TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 5 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) return false; // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } } return true; }
bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 3 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) { return false; } // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } CaptchaHelper captchaHelper = new CaptchaHelper(); string captchaResponse = captchaHelper.CheckRecaptcha(); if (captchaResponse != "Valid") { ViewBag.ErrorResponse = "The captcha must be valid"; } } return true; }
public void LockoutAccount() { var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session)); userManager.MaxFailedAccessAttemptsBeforeLockout = 3; userManager.UserLockoutEnabledByDefault = true; userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0); userManager.Create(new ApplicationUser() { UserName = "test", LockoutEnabled = true }, "Welcome"); var user = userManager.Find("test", "Welcome"); Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id)); userManager.AccessFailed(user.Id); Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id)); userManager.AccessFailed(user.Id); Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id)); userManager.AccessFailed(user.Id); Assert.IsTrue(userManager.IsLockedOut(user.Id)); }
protected void BtnIniciar_Click1(object sender, EventArgs e) { var userStore = new UserStore<IdentityUser>(); var userManager = new UserManager<IdentityUser>(userStore); //var user = userManager.Find(UserName.Text, Password.Text); var user = userManager.FindByName(UserName.Text); if (user != null) { var validCredentials = userManager.Find(UserName.Text, Password.Text); if (userManager.IsLockedOut(user.Id)) { ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString())); StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); } else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null) { userManager.AccessFailed(user.Id); string message; if (userManager.IsLockedOut(user.Id)) { message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); StatusText.Text = message; } else { int accessFailedCount = userManager.GetAccessFailedCount(user.Id); int attemptsLeft = Convert.ToInt32( ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) - accessFailedCount; message = string.Format( "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft); StatusText.Text = message; } ModelState.AddModelError("", message); } else if (validCredentials == null) { ModelState.AddModelError("", "Invalid credentials. Please try again."); StatusText.Text = "Invalid credentials. Please try again."; } else { var authenticationManager = HttpContext.Current.GetOwinContext().Authentication; var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie); authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity); userManager.ResetAccessFailedCount(user.Id); string vig = DateTime.Now.Year.ToString(); SetCookieUser(UserName.Text, vig); string url = Request.QueryString["ReturnUrl"]; if (url == "" || url == null) { gesMenuAdapter mg = new gesMenuAdapter(); List<dataTree> l = mg.getOpciones("INICI", UserName.Text); if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null) { SetCookieRol("administrador"); url = "/Inicio/Administrativo/Inicio.aspx"; } else { if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null) { SetCookieRol("acudiente"); url = "/Inicio/Acudientes/Inicio.aspx"; } } } IdentityHelper.RedirectToReturnUrl(url, Response); } } else { StatusText.Text = "Invalid username or password."; } }