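/// <summary>
/// Checks the submitted credentials against the ASP.NET Identity store and keeps the
/// account's failed-attempt counter up to date.
/// </summary>
/// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// <c>true</c> only when the user exists, is not locked out, the password matches and the
/// e-mail address is confirmed; <c>false</c> in every other case.
/// </returns>
/// <remarks>
/// Sets <c>UserNoFound</c>, <c>Locked</c> or <c>PasswordIncorrent</c> to record why a login
/// was rejected. If those flags drive different messages to the client they reveal which
/// user names exist; prefer one generic failure message and keep the detail in server logs.
/// </remarks>
bool ValidLogin(Login login)
        {
            UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
            {
                UserLockoutEnabledByDefault          = true,
                DefaultAccountLockoutTimeSpan        = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 5
            };

            // The manager (and the store it owns) is disposable; release it when the check is done.
            using (userManager)
            {
                var user = userManager.FindByName(login.UserName);

                if (user == null)
                {
                    UserNoFound = true;
                    return false;
                }

                // A locked-out account is rejected before the password is even looked at.
                if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                {
                    Locked = true;
                    return false;
                }

                bool credentialsAccepted = userManager.CheckPassword(user, login.Password)
                                           && userManager.IsEmailConfirmed(user.Id);

                if (credentialsAccepted)
                {
                    // Successful login: clear any failures accumulated before it.
                    if (userManager.SupportsUserLockout &&
                        userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }

                    return true;
                }

                // NOTE(review): a correct password with an unconfirmed e-mail also lands here and
                // is counted as a failed attempt, as in the original - confirm that is intended.
                PasswordIncorrent = true;

                // Count the failure only for accounts that take part in lockout.
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                }

                // Fix: the original fell through to "return true" here whenever lockout was not
                // enabled for the account, so a wrong password was accepted as a valid login.
                return false;
            }
        }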
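        /// <summary>
        /// Toggles the lockout-enabled flag of the account with the given id and returns to
        /// the index view.
        /// </summary>
        /// <param name="id">Identity user id taken from the request.</param>
        /// <returns>
        /// A redirect to <c>Index</c>, or a 404 result when the id is empty or matches no user.
        /// </returns>
        /// <remarks>
        /// Turning lockout off removes the account's protection against password guessing.
        /// NOTE(review): no attributes are visible on this action here - confirm it is limited
        /// to administrators, accepts POST only and validates an anti-forgery token, otherwise
        /// a crafted link followed by a signed-in admin can flip the flag.
        /// </remarks>
        public ActionResult Status(string id)
        {
            if (string.IsNullOrEmpty(id))
            {
                return HttpNotFound();
            }

            var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(db));

            // Fix: the original dereferenced FindById(id).Id directly and threw a
            // NullReferenceException for an id that matches no user.
            var account = manager.FindById(id);
            if (account == null)
            {
                return HttpNotFound();
            }

            // Flip the current state: enabled -> disabled, disabled -> enabled.
            bool currentlyEnabled = manager.GetLockoutEnabled(account.Id);
            manager.SetLockoutEnabled(account.Id, !currentlyEnabled);

            return RedirectToAction("Index");
        }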
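        /// <summary>
        /// Seeds the identity store at startup: creates the "Admin" role together with a first
        /// administrator account, and the "OkUser" role, when they do not exist yet.
        /// </summary>
        /// <exception cref="System.InvalidOperationException">
        /// The initial administrator password is not configured, or a role or the administrator
        /// account could not be created.
        /// </exception>
        /// <remarks>
        /// The original embedded the administrator password as a string literal. A credential
        /// in source is readable by anyone with access to the repository or the compiled
        /// assembly and is identical on every deployment, so it is now supplied by the
        /// environment. It should be rotated after the first login.
        /// </remarks>
        private void initAdmin()
        {
            using (ApplicationDbContext context = new ApplicationDbContext())
            {
                var roleManager = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(context));
                var userManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(context));

                if (!roleManager.RoleExists("Admin"))
                {
                    // "INITIAL_ADMIN_PASSWORD" is a placeholder variable name chosen for this
                    // example; use whatever secret source the deployment provides. It is read
                    // before anything is written so a missing value leaves the store untouched
                    // and the next start can retry.
                    string initialPassword = System.Environment.GetEnvironmentVariable("INITIAL_ADMIN_PASSWORD");
                    if (string.IsNullOrEmpty(initialPassword))
                    {
                        throw new System.InvalidOperationException(
                            "Initial administrator password is not configured.");
                    }

                    var adminRole = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole();
                    adminRole.Name = "Admin";
                    var roleResult = roleManager.Create(adminRole);
                    if (!roleResult.Succeeded)
                    {
                        throw new System.InvalidOperationException(
                            "Could not create role Admin: " + string.Join("; ", roleResult.Errors));
                    }

                    // The administrator who will maintain the website.
                    var user = new ApplicationUser();
                    user.UserName = "******";
                    user.Email    = "*****@*****.**";

                    var createResult = userManager.Create(user, initialPassword);

                    // Fix: the original ignored a failed Create and then queried the lockout
                    // state of a user that was never stored. Fail loudly instead.
                    // NOTE(review): the Admin role already exists at this point, so a later
                    // start skips this branch; remove the role before retrying.
                    if (!createResult.Succeeded)
                    {
                        throw new System.InvalidOperationException(
                            "Could not create the administrator account: " + string.Join("; ", createResult.Errors));
                    }

                    userManager.AddToRole(user.Id, "Admin");

                    // NOTE(review): the original called GetLockoutEnabled(user.Id) here and
                    // discarded the result. If the intent was to protect this account against
                    // password guessing, call SetLockoutEnabled(user.Id, true) explicitly.
                }

                // Role for regular approved users.
                if (!roleManager.RoleExists("OkUser"))
                {
                    var okUserRole = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole();
                    okUserRole.Name = "OkUser";
                    var okUserResult = roleManager.Create(okUserRole);
                    if (!okUserResult.Succeeded)
                    {
                        throw new System.InvalidOperationException(
                            "Could not create role OkUser: " + string.Join("; ", okUserResult.Errors));
                    }
                }
            }
        }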
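        /// <summary>
        /// Validates a login attempt against the ASP.NET Identity store, enforcing lockout
        /// after repeated failures.
        /// </summary>
        /// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// <c>true</c> only for an existing, unlocked user whose password matches and whose
        /// e-mail address is confirmed; <c>false</c> otherwise.
        /// </returns>
        bool ValidLogin(Login login)
        {
            UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            };

            // Dispose the manager (and the store it owns) once the decision is made.
            using (userManager)
            {
                var user = userManager.FindByName(login.UserName);
                if (user == null)
                {
                    return false;
                }

                bool lockoutSupported = userManager.SupportsUserLockout;

                // Locked-out accounts are refused without evaluating the password.
                if (lockoutSupported && userManager.IsLockedOut(user.Id))
                {
                    return false;
                }

                if (userManager.CheckPassword(user, login.Password)
                        && userManager.IsEmailConfirmed(user.Id))
                {
                    // Valid login: forget earlier failed attempts.
                    if (lockoutSupported && userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }

                    return true;
                }

                // Invalid login: count it when the account participates in lockout.
                if (lockoutSupported && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                }

                // Fix: the original returned true from this path when lockout was not enabled
                // for the account, so a wrong password (or an unconfirmed e-mail) passed as a
                // successful login. Rejection must not depend on the lockout setting.
                return false;
            }
        }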
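        /// <summary>
        /// Validates a login attempt against the ASP.NET Identity store, counting failures
        /// toward lockout and checking the reCAPTCHA response for accounts without lockout.
        /// </summary>
        /// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// <c>true</c> only for an existing, unlocked user whose password matches;
        /// <c>false</c> otherwise.
        /// </returns>
        /// <remarks>
        /// On a failed attempt for an account without lockout, <c>ViewBag.ErrorResponse</c> is
        /// set when the captcha response is not "Valid".
        /// </remarks>
        bool ValidLogin(Login login)
        {
            UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            };

            // Dispose the manager (and the store it owns) once the decision is made.
            using (userManager)
            {
                var user = userManager.FindByName(login.UserName);
                if (user == null)
                {
                    return false;
                }

                // Locked-out accounts are refused without evaluating the password.
                if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                {
                    return false;
                }

                if (userManager.CheckPassword(user, login.Password))
                {
                    // Valid login: forget earlier failed attempts.
                    if (userManager.SupportsUserLockout
                     && userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }

                    return true;
                }

                // Invalid login: count it when the account participates in lockout.
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                    return false;
                }

                // NOTE(review): the captcha is consulted only after a wrong password on an
                // account without lockout, as in the original. If it is meant to throttle
                // automated guessing, it should be verified before the password is checked.
                CaptchaHelper captchaHelper = new CaptchaHelper();
                string captchaResponse = captchaHelper.CheckRecaptcha();
                if (captchaResponse != "Valid")
                {
                    ViewBag.ErrorResponse = "The captcha must be valid";
                }

                // Fix: the original fell through to "return true" here, so a wrong password on
                // an account without lockout was accepted regardless of the captcha result.
                return false;
            }
        }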
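        /// <summary>
        /// Login button handler: authenticates the submitted user name and password with
        /// ASP.NET Identity, applies lockout accounting, signs the user in and redirects.
        /// </summary>
        /// <param name="sender">Event source (unused).</param>
        /// <param name="e">Event data (unused).</param>
        /// <remarks>
        /// NOTE(review): the manager is built here without any lockout settings, while the
        /// messages quote <c>DefaultAccountLockoutTimeSpan</c> and
        /// <c>MaxFailedAccessAttemptsBeforeLockout</c> from AppSettings - confirm the same
        /// values are actually applied to the manager, otherwise the advertised lockout may
        /// never take effect.
        /// NOTE(review): the unknown-user, wrong-password and locked-out messages differ, which
        /// lets a client tell existing user names from unknown ones; consider one generic text.
        /// </remarks>
        protected void BtnIniciar_Click1(object sender, EventArgs e)
        {
            const string lockedOutFormat = "Your account has been locked out for {0} minutes due to multiple failed login attempts.";

            var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>());

            // The manager (and the store it owns) is disposable; release it when the handler ends.
            using (userManager)
            {
                var user = userManager.FindByName(UserName.Text);
                if (user == null)
                {
                    StatusText.Text = "Invalid username or password.";
                    return;
                }

                // Refuse locked accounts first. The original verified the password before this
                // check; it is now evaluated only for accounts that may actually sign in.
                if (userManager.IsLockedOut(user.Id))
                {
                    // string.Format renders a missing setting as empty text; the original
                    // called ToString() on it and threw a NullReferenceException.
                    string lockedMessage = string.Format(lockedOutFormat, ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"]);
                    ModelState.AddModelError("", lockedMessage);
                    StatusText.Text = lockedMessage;
                    return;
                }

                // Same check Find(name, password) performed, without a second user lookup.
                bool validCredentials = userManager.CheckPassword(user, Password.Text);

                if (!validCredentials)
                {
                    if (!userManager.GetLockoutEnabled(user.Id))
                    {
                        ModelState.AddModelError("", "Invalid credentials. Please try again.");
                        StatusText.Text = "Invalid credentials. Please try again.";
                        return;
                    }

                    userManager.AccessFailed(user.Id);

                    string message;
                    if (userManager.IsLockedOut(user.Id))
                    {
                        message = string.Format(lockedOutFormat, ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"]);
                    }
                    else
                    {
                        int accessFailedCount = userManager.GetAccessFailedCount(user.Id);
                        int maxAttempts = Convert.ToInt32(ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"]);

                        // Never show a negative number of remaining attempts.
                        int attemptsLeft = Math.Max(0, maxAttempts - accessFailedCount);
                        message = string.Format(
                            "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
                    }

                    StatusText.Text = message;
                    ModelState.AddModelError("", message);
                    return;
                }

                var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
                var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

                authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
                userManager.ResetAccessFailedCount(user.Id);

                string vig = DateTime.Now.Year.ToString();
                SetCookieUser(UserName.Text, vig);

                // ReturnUrl comes from the query string and is attacker-controllable.
                // IdentityHelper.RedirectToReturnUrl is not visible here, so only site-local
                // paths ("/..." but not "//" or "/\", or "~/...") are passed on; anything
                // else falls back to the role landing page, like a missing value.
                string url = Request.QueryString["ReturnUrl"];
                bool isLocalUrl = !string.IsNullOrEmpty(url)
                    && ((url[0] == '/' && (url.Length == 1 || (url[1] != '/' && url[1] != '\\')))
                        || (url.Length > 1 && url[0] == '~' && url[1] == '/'));

                if (!isLocalUrl)
                {
                    url = null;

                    gesMenuAdapter mg = new gesMenuAdapter();
                    List<dataTree> l = mg.getOpciones("INICI", UserName.Text);

                    // NOTE(review): the role is written to a cookie; confirm authorization
                    // decisions are made from server-side roles, not from this client value.
                    if (l.Any(t => t.roles == "INICIAdministrativo"))
                    {
                        SetCookieRol("administrador");
                        url = "/Inicio/Administrativo/Inicio.aspx";
                    }
                    else if (l.Any(t => t.roles == "INICIAcudientes"))
                    {
                        SetCookieRol("acudiente");
                        url = "/Inicio/Acudientes/Inicio.aspx";
                    }
                }

                IdentityHelper.RedirectToReturnUrl(url, Response);
            }
        }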