public void Handle(SuccessfulLoginEvent evt)
{
using (var db = new CustomDatabase())
{
var audit = new AuthenticationAudit
{
Date = DateTime.UtcNow,
Activity = "Login Success",
Detail = null,
ClientIP = HttpContext.Current.Request.UserHostAddress,
};
db.Audits.Add(audit);
db.SaveChanges();
}
}
public void Handle(FailedLoginEvent <CustomUserAccount> evt)
{
using (var db = new CustomDatabase())
{
var audit = new AuthenticationAudit
{
Date = DateTime.UtcNow,
Activity = "Login Failure",
Detail = evt.GetType().Name + ", Failed Login Count: " + evt.Account.FailedLoginCount,
ClientIP = HttpContext.Current.Request.UserHostAddress,
};
db.Audits.Add(audit);
db.SaveChanges();
}
}
public void Handle(PasswordChangedEvent <CustomUserAccount> evt)
{
using (var db = new CustomDatabase())
{
var oldEntires =
db.PasswordHistory.Where(x => x.UserID == evt.Account.ID).OrderByDescending(x => x.DateChanged).ToArray();
for (var i = 0; i < 3 && oldEntires.Length > i; i++)
{
var oldHash = oldEntires[i].PasswordHash;
if (new DefaultCrypto().VerifyHashedPassword(oldHash, evt.NewPassword))
{
throw new ValidationException("New Password must not be same as the past three");
}
}
}
}