/// <summary> /// /// Updating the failed attempts for the users to update the users attempts /// /// </summary> /// <param name="incomingFailedAttempt"></param> /// <returns></returns> public ResponseDto <bool> UpdateFailedAttempt(FailedAttempts incomingFailedAttempt) { using (var dbContextTransaction = authenticationContext.Database.BeginTransaction()) { try { (from account in authenticationContext.UserAccounts where account.Id == incomingFailedAttempt.Id select account.Id).First(); // Updating the failed attempts authenticationContext.FailedAttempts.AddOrUpdate(incomingFailedAttempt); authenticationContext.SaveChanges(); // Commiting the trasaction to the Database dbContextTransaction.Commit(); return(new ResponseDto <bool>() { Data = true }); } catch (Exception) { // Rolls back the changes saved in the transaction dbContextTransaction.Rollback(); // Returning a false and Error return(new ResponseDto <bool>() { Data = false, Error = GeneralErrorMessages.GENERAL_ERROR }); } } }
private ResponseDto <LoginDto> FailedAttempt(FailedAttempts attempts, string error) { using (var gateway = new AuthenticationGateway()) { gateway.UpdateFailedAttempt(attempts); } return(Error(error)); }
private void AddWordGuess(string word, bool isGoodGuess) { AllGuesses.Add(new WordGuess(isGoodGuess, word)); if (!isGoodGuess) { FailedAttempts.Add(new WordGuess(isGoodGuess, word)); EndGameIfLost(); } }
private ResponseDto <LoginDto> SuccessfulAttempt(FailedAttempts attempts, LoginDto dto) { using (var gateway = new AuthenticationGateway()) { gateway.UpdateFailedAttempt(attempts); } return(new ResponseDto <LoginDto>() { Data = dto }); }
public void Should_ReturnTrue_When_UserIdIsNull_InFailedAttempt() { // Arrange var gateway = new AuthenticationGateway(); var incomingFailedAttempt = new FailedAttempts() { LastAttemptTime = DateTime.UtcNow }; // Act var result = gateway.UpdateFailedAttempt(incomingFailedAttempt); // Assert result.Data.Should().BeFalse(); result.Error.Should().NotBeNullOrEmpty(); }
/// <summary> /// This Method contains all the logic that is implemented to authenticate the user with the database /// </summary> /// <param name="loginDto"></param> /// <returns> /// ResponseDto with the updated LoginDto /// </returns> public ResponseDto <LoginDto> LoginUser(LoginDto loginDto) { var loginPreLogicValidationStrategy = new LoginPreLogicValidationStrategy(loginDto); // Checking if the Dto has all the information it needs var validateLoginDtoResult = loginPreLogicValidationStrategy.ExecuteStrategy(); if (!validateLoginDtoResult.Data) { return(new ResponseDto <LoginDto> { Error = validateLoginDtoResult.Error }); } // Pulling attempts from DB using (var gateway = new AuthenticationGateway()) { var userAttemptsResult = gateway.GetFailedAttempt(loginDto.Username); // Checking if the gateway returns a false if (userAttemptsResult.Error != null) { return(Error(userAttemptsResult.Error)); } // If there is no Error then take the data out var userAttempts = userAttemptsResult.Data; // Checking if they already have 5 failed attempts 20 mins ago if (userAttempts == null) { userAttempts = new FailedAttempts() { LastAttemptTime = DateTime.UtcNow, Count = 0 }; } else if (userAttempts.Count >= 5) { var timeToCompare = DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(20)); if (!(userAttempts.LastAttemptTime.CompareTo(timeToCompare) < 0)) { return(Error(AuthenticationErrorMessages.LOCKED_ACCOUNT)); } userAttempts.Count = 0; } // Pull the User From DB // Getting the user's ID var userAccountResult = gateway.GetUserAccount(loginDto.Username); if (userAccountResult.Error != null) { return(Error(userAccountResult.Error)); } // If there are no Errors from the gateway assign the data to an object var userAccount = userAccountResult.Data; // Set UserAttempts Id with the UserAccount Id userAttempts.Id = userAccount.Id; // Getting the Salt associated with the ID var saltResult = gateway.GetUserPasswordSalt(userAccount.Id); if (saltResult.Error != null) { return(Error(userAccountResult.Error)); } // Check if user is Active if (userAccount.IsActive == null || userAccount.IsActive == false) { return(Error(AuthenticationErrorMessages.INACTIVE_USER)); } var password = loginDto.Password; // Hash and Salting the Password var hashedPassword = new PayloadHasher().Sha256HashWithSalt(saltResult.Data.Salt, password); // Checking if the Password is equal to what is in the DataBase var checkPasswordResult = hashedPassword == userAccount.Password; // If Password matches log the attempt and send loginDto back if (checkPasswordResult) { userAttempts.Count = 0; return(SuccessfulAttempt(userAttempts, loginDto)); } // Checking if this is the 5th attempt to time stamp it if (++userAttempts.Count >= 5) { userAttempts.LastAttemptTime = DateTime.UtcNow; } return(FailedAttempt(userAttempts, AuthenticationErrorMessages.USERNAME_PASSWORD_ERROR)); } }