/// <summary>
/// Ends the current login: resolves the session key for this request via
/// <c>CheckLogin</c>, then deletes the matching server-side login record.
/// </summary>
public void LogOut()
{
    // Make sure LoginKey has been populated from the request cookie (if any).
    CheckLogin();

    if (LoginKey == null)
    {
        return;
    }

    // Deleting the server-side record is what invalidates the session key.
    // NOTE(review): this method does not expire the cookie (the original carried a
    // disabled cookie-reset call) and does not clear User/Type, so the browser keeps
    // sending the now-dead key and in-memory state from CheckLogin stays set for the
    // rest of this request - confirm callers do not read User/Type after LogOut().
    MembershipLogin.Del(LoginKey);
}
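/// <summary>
/// Resolves the login state for this request from the session cookie. Runs its checks
/// at most once per instance (guarded by <c>isCheck</c>); on success it sets
/// <c>LoginKey</c>, <c>User</c> and <c>Type</c>. Any exception leaves the request
/// unauthenticated (<c>User = null</c>, <c>Type = TypeLogin.NotLogin</c>) and is logged.
/// </summary>
private void CheckLogin()
{
    if (isCheck)
    {
        return;
    }
    isCheck = true;

    try
    {
        var ck = Cookies.Get(CookiesKey);
        if (ck == null)
        {
            return;
        }

        // The cookie value is client-controlled. Parse it without throwing, so a
        // malformed value is simply treated as "not logged in" rather than driving an
        // exception and an error-log entry on every request that carries it.
        Guid parsedKey;
        if (!Guid.TryParse(ck.Value, out parsedKey))
        {
            User = null;
            Type = TypeLogin.NotLogin;
            return;
        }
        LoginKey = parsedKey;

        var login = LoginService.Get(LoginKey);
        if (login == null)
        {
            // Unknown or already-deleted session key.
            return;
        }

        // Idle timeout: applies only to sessions created without "Remember".
        // NOTE(review): as far as this method shows, "Remember" sessions have no
        // server-side expiry at all - confirm an absolute lifetime is enforced elsewhere.
        if (!login.Remember && ((DateTime.UtcNow - login.OnlineDate) > TimeOut))
        {
            MembershipLogin.Del(LoginKey);
            return;
        }

        User = MembershipService.Get(login.UserId);
        if (User == null)
        {
            return;
        }

        // The login record carries the password value captured when the session was
        // created (see ValidateUser). A mismatch means the stored password differs from
        // that snapshot, so the session is revoked.
        if (User.Password != login.Password)
        {
            User = null;
            MembershipLogin.Del(LoginKey);
            return;
        }

        MembershipLogin.UpdateOnline(LoginKey);
        Type = (TypeLogin)login.TypeLogin;
    }
    catch (Exception ex)
    {
        // Fail closed: never leave a partially established identity behind.
        User = null;
        Type = TypeLogin.NotLogin;
        LoggingService.Error(ex);
    }
}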
/// <summary>
/// Inserts one row into <c>[dbo].[MembershipLogin]</c> from the given login record.
/// </summary>
/// <param name="login">Record whose fields are written to the new row.</param>
public void Add(MembershipLogin login)
{
    // Every value is bound as a named parameter; nothing from the record is
    // concatenated into the SQL text.
    const string insertSql =
        "INSERT INTO [dbo].[MembershipLogin]([Id],[UserId],[Password],[TypeLogin],[LoginDate],[OnlineDate],[Remember])"
        + "VALUES (@Id,@UserId,@Password,@TypeLogin,@LoginDate,@OnlineDate,@Remember)";

    using (var insert = _context.CreateCommand())
    {
        insert.CommandText = insertSql;

        insert.AddParameters("Id", login.Id);
        insert.AddParameters("UserId", login.UserId);
        // NOTE(review): ValidateUser fills login.Password from user.Password, so this
        // table holds a copy of the stored credential value - confirm it is protected
        // to the same standard as the user table.
        insert.AddParameters("Password", login.Password);
        insert.AddParameters("TypeLogin", login.TypeLogin);
        insert.AddParameters("LoginDate", login.LoginDate);
        insert.AddParameters("OnlineDate", login.OnlineDate);
        insert.AddParameters("Remember", login.Remember);

        insert.command.ExecuteNonQuery();
    }
}
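/// <summary>
/// Verifies a user name and password. The failed-attempt bookkeeping is persisted for
/// every password check; a login session and its cookie are created only when the
/// attempt is still <c>LoginSuccessful</c> after all checks.
/// </summary>
/// <param name="UserName">Name passed to <c>MembershipService.GetUser</c>.</param>
/// <param name="Password">Candidate password; hashed with the user's stored salt and compared to the stored value.</param>
/// <param name="Remember">Stored on the session record; CheckLogin skips the idle timeout for such sessions.</param>
/// <param name="type">Login type, stored on the session record as an integer.</param>
/// <returns>
/// The outcome of the attempt. <c>OutOfException</c> is returned when persisting the
/// attempt fails.
/// NOTE(review): UserNotFound and PasswordIncorrect are distinct results; callers should
/// show one uniform failure message so responses do not reveal which accounts exist.
/// </returns>
public LoginAttemptStatus ValidateUser(string UserName, string Password, bool Remember = false, TypeLogin type = TypeLogin.UserLogin)
{
    // Any existing session is ended first, whatever the outcome of this attempt.
    LogOut();

    var LastLoginStatus = LoginAttemptStatus.LoginSuccessful;
    var user = MembershipService.GetUser(UserName);

    if (user == null)
    {
        LastLoginStatus = LoginAttemptStatus.UserNotFound;
    }
    else if (user.IsBanned)
    {
        LastLoginStatus = LoginAttemptStatus.Banned;
    }
    else if (user.IsLockedOut)
    {
        LastLoginStatus = LoginAttemptStatus.UserLockedOut;
    }
    else if (!user.IsApproved)
    {
        LastLoginStatus = LoginAttemptStatus.UserNotApproved;
    }

    if (LastLoginStatus == LoginAttemptStatus.LoginSuccessful)
    {
        var allowedPasswordAttempts = maxInvalidPasswordAttempts;
        if (user.FailedPasswordAttemptCount >= allowedPasswordAttempts)
        {
            LastLoginStatus = LoginAttemptStatus.PasswordAttemptsExceeded;
        }

        // NOTE(review): GenerateSaltedHash's algorithm is not visible here - confirm it
        // is a deliberately slow password hash. The comparison is ordinary string equality.
        var salt = user.PasswordSalt;
        var hash = StringUtils.GenerateSaltedHash(Password, salt);
        var passwordMatches = hash == user.Password;

        // NOTE(review): a correct password resets the counter even when the status is
        // already PasswordAttemptsExceeded - confirm that is the intended recovery path.
        user.FailedPasswordAttemptCount = passwordMatches ? 0 : user.FailedPasswordAttemptCount + 1;
        if (user.FailedPasswordAttemptCount >= allowedPasswordAttempts)
        {
            user.IsLockedOut = true;
            user.LastLockoutDate = DateTime.UtcNow;
        }

        if (!passwordMatches)
        {
            LastLoginStatus = LoginAttemptStatus.PasswordIncorrect;
        }
        else
        {
            user.LastLoginDate = DateTime.UtcNow;
        }

        using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork())
        {
            try
            {
                // Persist counters / lockout / last-login for every attempt.
                MembershipService.UpdateLogin(user);

                // Issue a session only for a successful attempt. Previously the session
                // row and cookie were created for every attempt that reached this point,
                // including PasswordIncorrect and PasswordAttemptsExceeded, and CheckLogin
                // would then accept that cookie as an authenticated session.
                if (LastLoginStatus == LoginAttemptStatus.LoginSuccessful)
                {
                    var datenow = DateTime.UtcNow;
                    var datakey = new Entities.MembershipLogin
                    {
                        UserId = user.Id,
                        Password = user.Password,
                        LoginDate = datenow,
                        OnlineDate = datenow,
                        Remember = Remember,
                        TypeLogin = Convert.ToInt32(type)
                    };
                    MembershipLogin.Add(datakey);

                    // datakey.Id is the bearer token for the session and is not assigned
                    // here. NOTE(review): confirm the entity generates it unpredictably.
                    // HttpOnly keeps the token out of reach of page script.
                    // NOTE(review): Secure is not set here; set it if the site is HTTPS-only.
                    Response.Cookies.Add(new HttpCookie(CookiesKey, datakey.Id.ToString()) { HttpOnly = true });
                }

                unitOfWork.Commit();
            }
            catch (Exception ex)
            {
                unitOfWork.Rollback();
                LoggingService.Error(ex);
                LastLoginStatus = LoginAttemptStatus.OutOfException;
            }
        }
    }

    return LastLoginStatus;
}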