public ActionResult Login()
{
var username = Request["username"];
var password = Request["password"];
Lab3User model = new Lab3User();
this.db.Add(new UserLog()
{
username = username,
ip = Request.UserHostAddress,
time = DateTime.Now
})
this.db.SaveChanges();
//code funktioniert nicht aber, hier waere gedacht, dass wenn zu viele Requests in einem zeitraum gemacht wurden, das System eine EXception wirft. bzw. den HAccker nicht zulaesst.
int attemptInLast5Min = this.db.UserLogs.Where(u => u.time <= DateTime.Now && u.time > DateTime.Now.AddMinutes(-5)).Count
if (attemptInLast5Min > 5)
{
throw new Exception("Too many attempts");
}
if (model.checkCredentials(username, password))
{
return(RedirectToAction("Backend", "Lab3"));
}
else
{
ViewBag.message = "Wrong Credentials";
return(View());
}
}
public ActionResult Login()
{
var username = Request["username"];
var password = Request["password"];
Lab3User model = new Lab3User();
if (model.checkCredentials(username, password))
{
return(RedirectToAction("Backend", "Lab3"));
}
else
{
ViewBag.message = "Wrong Credentials";
return(View());
}
}
