public ActionResult Login() { var username = Request["username"]; var password = Request["password"]; Lab3User model = new Lab3User(); this.db.Add(new UserLog() { username = username, ip = Request.UserHostAddress, time = DateTime.Now }) this.db.SaveChanges(); //code funktioniert nicht aber, hier waere gedacht, dass wenn zu viele Requests in einem zeitraum gemacht wurden, das System eine EXception wirft. bzw. den HAccker nicht zulaesst. int attemptInLast5Min = this.db.UserLogs.Where(u => u.time <= DateTime.Now && u.time > DateTime.Now.AddMinutes(-5)).Count if (attemptInLast5Min > 5) { throw new Exception("Too many attempts"); } if (model.checkCredentials(username, password)) { return(RedirectToAction("Backend", "Lab3")); } else { ViewBag.message = "Wrong Credentials"; return(View()); } }
public ActionResult Login() { var username = Request["username"]; var password = Request["password"]; Lab3User model = new Lab3User(); if (model.checkCredentials(username, password)) { return(RedirectToAction("Backend", "Lab3")); } else { ViewBag.message = "Wrong Credentials"; return(View()); } }