// Method to authorize the user public bool CheckUserCredentials(System.Web.SessionState.HttpSessionState currentSession, string username, string password) { bool isValid = myDataLayer.ValidateUser(username, password); // Set the lock to false obviously so the user has at least one attempt to login. currentSession["LockedSession"] = false; /* The logic for the following lines are as follows: * The user has at least 3 chances to log in succesfully. * A count is kept at each attempt. Failure will lock the user out */ int totalAttempts = Convert.ToInt32(currentSession["AttemptCount"]) + 1; currentSession["AttemptCount"] = totalAttempts; // Add one to total attempts int userAttempts = Convert.ToInt32(currentSession[username]) + 1; currentSession[username] = userAttempts; // Conditional statement to lock the user out after 3 or 6 attempts. if ((userAttempts >= 3) || (totalAttempts >= 6)) { currentSession["LockedSession"] = true; myDataLayer.LockUserAccount(username); } return(isValid); }
public bool CheckUserCredentials(System.Web.SessionState.HttpSessionState currentSession, string username, string password) { //Set starting session as unlocked currentSession["LockedSession"] = false; //Add one to current attempts int totalAttempts = Convert.ToInt32(currentSession["AttemptCount"]) + 1; currentSession["AttemptCount"] = totalAttempts; //Locks login function when total attempts are met if (totalAttempts > 4) { currentSession["LockedSession"] = true; } return(myDataLayer.ValidateUser(username, password)); }
public bool CheckUserCredentials(System.Web.SessionState.HttpSessionState currentSession, string username) { //Locks user out of current login session if attemps fail currentSession["LockedSession"] = false; //Sets total attempts to current session int totalAttempts = Convert.ToInt32(currentSession["AttemptCount"]) + 1; currentSession["AttemptCount"] = totalAttempts; //Sets user attempts to current session int userAttempts = Convert.ToInt32(currentSession[username]) + 1; currentSession[username] = userAttempts; //Creates if statement if user attempts are greater than 3 and locks them out if ((userAttempts > 3) || (totalAttempts > 6)) { currentSession["LockedSession"] = true; myDataLayer.LockUserAccount(username); } return(myDataLayer.ValidateUser(username)); }
protected void LnkBtnUserLogin_Click(object sender, EventArgs e) { string username = txtUserID.Text; string password = txtUserPassword.Text; //check if txtUserID and txtUserPassword is blank/null if (string.IsNullOrWhiteSpace(username) && string.IsNullOrWhiteSpace(password)) { loginWarningLabel.Text = "Please Provide a User Name and Password"; } else if (string.IsNullOrWhiteSpace(username) && !string.IsNullOrWhiteSpace(password)) { loginWarningLabel.Text = "Please Provide a User Name"; } else if (!string.IsNullOrWhiteSpace(username) && string.IsNullOrWhiteSpace(password)) { loginWarningLabel.Text = "Please Provide a Password"; } // validate the provided credentials bool isUserVerified = DataLayer.ValidateUser(username, password); if (isUserVerified) { // log user in if user is verified DataLayer.UserLogin(username, password); Session["sessionUserID"] = username; Response.Redirect("~/frmDashboard.aspx"); } else { // handle the case where the login credentials do not match what's in database loginWarningLabel.Text = "Incorrect Login Credentials, try again"; } }
/// check credentials // CheckUserCredentials method public bool CheckUserCredentials(System.Web.SessionState.HttpSessionState currentSession, string username, string passwd) { // set locked to false currentSession["LockedSession"] = false; // total attempts to unlock int totalAttempts = Convert.ToInt32(currentSession["AttemptCount"]) + 1; currentSession["AttemptCount"] = totalAttempts; // attempts to unlock int userAttempts = Convert.ToInt32(currentSession[username]) + 1; currentSession[username] = userAttempts; // if greater than 3 or total > 6 lock acct if ((userAttempts > 3) || (totalAttempts > 6)) { currentSession["LockedSession"] = true; myDataLayer.LockUserAccount(username); } return(myDataLayer.ValidateUser(username, passwd)); }