Exemple #1
0
    /// <summary>
    /// Generate passcode and fire it through MultifactorAuthenticate event.
    /// </summary>
    /// <param name="user">User info.</param>
    public string GeneratePasscode(UserInfo user)
    {
        // Fire MultifactorAuthenticate event
        MFAuthenticationHelper.IssuePasscode(user.UserName);
        if (MembershipContext.MFAuthenticationTokenNotInitialized && MFAuthenticationHelper.DisplayTokenID)
        {
            var sb = new StringBuilder("missingToken|");
            sb.Append(GetString("mfauthentication.isRequired"), " ", GetString("mfauthentication.token.get"),
                      ARGUMENTS_SEPARATOR, GetString("mfauthentication.label.token"), ARGUMENTS_SEPARATOR,
                      MFAuthenticationHelper.GetTokenIDForUser(user.UserName));

            return(sb.ToString());
        }
        return("waitingForPasscode");
    }
Exemple #2
0
    void Login1_LoginError(object sender, EventArgs e)
    {
        bool showError = true;

        // Ban IP addresses which are blocked for login
        if (MembershipContext.UserIsBanned)
        {
            DisplayError(GetString("banip.ipisbannedlogin"));
        }
        else if (AuthenticationHelper.DisplayAccountLockInformation(SiteContext.CurrentSiteName) && MembershipContext.UserAccountLockedDueToInvalidLogonAttempts)
        {
            DisplayAccountLockedError(GetString("invalidlogonattempts.unlockaccount.accountlocked"));
        }
        else if (AuthenticationHelper.DisplayAccountLockInformation(SiteContext.CurrentSiteName) && MembershipContext.UserAccountLockedDueToPasswordExpiration)
        {
            DisplayAccountLockedError(GetString("passwordexpiration.accountlocked"));
        }
        else if (MembershipContext.UserIsPartiallyAuthenticated && !MembershipContext.UserAuthenticationFailedDueToInvalidPasscode)
        {
            if (MembershipContext.MFAuthenticationTokenNotInitialized && MFAuthenticationHelper.DisplayTokenID)
            {
                var lblTokenInfo = Login1.FindControl("lblTokenInfo") as LocalizedLabel;
                var lblTokenID   = Login1.FindControl("lblTokenID") as LocalizedLabel;
                var plcTokenInfo = Login1.FindControl("plcTokenInfo");

                if (lblTokenInfo != null)
                {
                    lblTokenInfo.Text    = string.Format("{0} {1}", GetString("mfauthentication.isRequired"), GetString("mfauthentication.token.get"));
                    lblTokenInfo.Visible = true;
                }

                if (lblTokenID != null)
                {
                    lblTokenID.Text = MFAuthenticationHelper.GetTokenIDForUser(Login1.UserName);
                }

                if (plcTokenInfo != null)
                {
                    plcTokenInfo.Visible = true;
                }
            }

            if (string.IsNullOrEmpty(DisplayedError))
            {
                HideError();
            }

            showError = false;
        }
        else if (!MembershipContext.UserIsPartiallyAuthenticated)
        {
            // Show login and password screen
            var plcPasscodeBox = Login1.FindControl("plcPasscodeBox");
            var plcLoginInputs = Login1.FindControl("plcLoginInputs");
            var plcTokenInfo   = Login1.FindControl("plcTokenInfo");
            if (plcLoginInputs != null)
            {
                plcLoginInputs.Visible = true;
            }
            if (plcPasscodeBox != null)
            {
                plcPasscodeBox.Visible = false;
            }
            if (plcTokenInfo != null)
            {
                plcTokenInfo.Visible = false;
            }
        }

        if (showError && string.IsNullOrEmpty(DisplayedError))
        {
            DisplayError(DataHelper.GetNotEmpty(FailureText, GetString("Login_FailureText")));
        }
    }
    /// <summary>
    /// Login error handler.
    /// </summary>
    protected void loginElem_LoginError(object sender, EventArgs e)
    {
        bool showError = true;

        // Ban IP addresses which are blocked for login
        if (MembershipContext.UserIsBanned)
        {
            DisplayError(GetString("banip.ipisbannedlogin"));
        }
        // Check if account locked due to reaching maximum invalid logon attempts
        else if (AuthenticationHelper.DisplayAccountLockInformation(SiteContext.CurrentSiteName) && MembershipContext.UserAccountLockedDueToInvalidLogonAttempts)
        {
            string msg = GetString("invalidlogonattempts.unlockaccount.accountlocked");

            if (!ErrorAsPopup)
            {
                msg += " " + string.Format(GetString("invalidlogonattempts.unlockaccount.accountlockedlink"), GetLogonAttemptsUnlockingLink());
            }
            DisplayError(msg);
        }
        // Check if account locked due to password expiration
        else if (AuthenticationHelper.DisplayAccountLockInformation(SiteContext.CurrentSiteName) && MembershipContext.UserAccountLockedDueToPasswordExpiration)
        {
            string msg = GetString("passwordexpiration.accountlocked");

            if (!ErrorAsPopup)
            {
                msg += " " + string.Format(GetString("invalidlogonattempts.unlockaccount.accountlockedlink"), GetLogonAttemptsUnlockingLink());
            }
            DisplayError(msg);
        }
        else if (MembershipContext.UserIsPartiallyAuthenticated && !MembershipContext.UserAuthenticationFailedDueToInvalidPasscode)
        {
            if (MembershipContext.MFAuthenticationTokenNotInitialized && MFAuthenticationHelper.DisplayTokenID)
            {
                var plcTokenInfo = loginElem.FindControl("plcTokenInfo");
                var lblTokenID   = loginElem.FindControl("lblTokenID") as LocalizedLabel;

                if (lblTokenID != null)
                {
                    lblTokenID.Text = string.Format("{0} {1}", GetString("mfauthentication.label.token"), MFAuthenticationHelper.GetTokenIDForUser(loginElem.UserName));
                }

                if (plcTokenInfo != null)
                {
                    plcTokenInfo.Visible = true;
                }
            }

            if (string.IsNullOrEmpty(DisplayedError))
            {
                HideError();
            }

            showError = false;
        }
        else if (!MembershipContext.UserIsPartiallyAuthenticated)
        {
            // Show login and password screen
            var plcPasscodeBox = loginElem.FindControl("plcPasscodeBox");
            var plcLoginInputs = loginElem.FindControl("plcLoginInputs");
            var plcTokenInfo   = loginElem.FindControl("plcTokenInfo");
            if (plcLoginInputs != null)
            {
                plcLoginInputs.Visible = true;
            }
            if (plcPasscodeBox != null)
            {
                plcPasscodeBox.Visible = false;
            }
            if (plcTokenInfo != null)
            {
                plcTokenInfo.Visible = false;
            }
        }

        if (showError && string.IsNullOrEmpty(DisplayedError))
        {
            DisplayError(DataHelper.GetNotEmpty(FailureText, GetString("Login_FailureText")));
        }

        // Display the failure message in a client-side alert box
        if (ErrorAsPopup)
        {
            if (string.IsNullOrEmpty(DisplayedError))
            {
                return;
            }
            ScriptHelper.RegisterStartupScript(this, GetType(), "LoginError", ScriptHelper.GetScript("alert(" + ScriptHelper.GetString(HTMLHelper.StripTags(DisplayedError)) + ");"));

            // Hide error message
            HideError();
        }
    }