public void CheckLoginBlocades(int userId)
{
LoginBlocade loginBlocade = dbContext.GetActiveBlocadeByUserId(userId);
string ip = "";
try
{
ip = Request.HttpContext.Connection.RemoteIpAddress.MapToIPv4().ToString();
}
catch { }
if (loginBlocade == null)
{
loginBlocade =
dbContext
.GetActiveBlocadeByIp(ip);
if (loginBlocade != null)
{
throw new LoginBlocadeException(
"This IP address is blocked until " +
loginBlocade.BlockUntil +
". Failed attemps: " +
loginBlocade.FailCount);
}
}
else
{
throw new LoginBlocadeException(
"This user is blocked until " +
loginBlocade.BlockUntil +
". Failed attemps: " +
loginBlocade.FailCount);
}
}
public int SaveIpBlocade(LoginBlocade loginBlocade)
{
string sqlQuery = "Insert Into LoginBlocade " +
"(IpAddress, FailCount, BlockUntil) " +
"Values(@IpAddress, @FailCount, @BlockUntil)";
return(db.Execute(sqlQuery, loginBlocade));
}
public int SaveUserBlocade(LoginBlocade loginBlocade)
{
string sqlQuery = "Insert Into LoginBlocade " +
"(UserId, FailCount, BlockUntil) " +
"Values(@UserId, @FailCount, @BlockUntil)";
return(db.Execute(sqlQuery, loginBlocade));
}
public int UpdateIpBlocade(LoginBlocade loginBlocade)
{
string sqlQuery = "Update LoginBlocade " +
$"set FailCount = {loginBlocade.FailCount}, " +
$"BlockUntil = '{loginBlocade.BlockUntil:yyyy-MM-dd HH:mm:ss.fff}' " +
$"where IpAddress = '{loginBlocade.IpAddress}'";
return(db.Execute(sqlQuery));
}
public int DeleteIpBlocadeIfExists(string ipAddress)
{
LoginBlocade loginBlocade = dbContext.GetBlocadeByIp(ipAddress);
if (loginBlocade == null)
{
return(0);
}
else
{
return(dbContext.DeleteIpBlocade(ipAddress));
}
}
public void TestCreateOrUpdateIpBlocade_ReturnsExpectedBlocadeObject_WhenIpIsPassed()
{
string ipToTest = "1.1.1.1";
LoginBlocade blocadeMock = new LoginBlocade()
{
Id = 1,
UserId = 1,
IpAddress = ipToTest,
FailCount = 3,
BlockUntil = LoginHelper.TruncateDateTime(DateTime.Now).AddSeconds(10)
};
LoginBlocade expectedBlocade = new LoginBlocade()
{
Id = 1,
UserId = 1,
IpAddress = ipToTest,
FailCount = 4,
BlockUntil = LoginHelper.TruncateDateTime(DateTime.Now).AddSeconds(60)
};
Mock <IDbContext> mockDbContext = new Mock <IDbContext>();
mockDbContext
.Setup(m => m.GetBlocadeByIp(ipToTest))
.Returns(blocadeMock);
mockDbContext
.Setup(m => m.SaveIpBlocade(It.IsAny <LoginBlocade>()))
.Returns(0);
mockDbContext
.Setup(m => m.UpdateIpBlocade(It.IsAny <LoginBlocade>()))
.Returns(0);
LoginHelper loginHelper = new LoginHelper(mockDbContext.Object);
var expected = JsonConvert.SerializeObject(expectedBlocade);
var actual = JsonConvert.SerializeObject(loginHelper.CreateOrUpdateLoginIpBlocade(ipToTest, TimeInterval.Minutes));
Assert.Equal(expected, actual);
}
protected LoginBlocade UpdateBlocadeParams(LoginBlocade loginBlocade, TimeInterval interval = TimeInterval.Seconds)
{
loginBlocade.FailCount += 1;
if (loginBlocade.FailCount == 2)
{
loginBlocade.BlockUntil = TruncateDateTime(DateTime.Now).AddSeconds(5);
}
else if (loginBlocade.FailCount == 3)
{
loginBlocade.BlockUntil = TruncateDateTime(DateTime.Now).AddSeconds(10);
}
else if (loginBlocade.FailCount > 3)
{
loginBlocade.BlockUntil = TruncateDateTime(DateTime.Now).AddSeconds(60);
}
return(loginBlocade);
}
public LoginBlocade CreateOrUpdateLoginIpBlocade(string ipAddress, TimeInterval interval = TimeInterval.Seconds)
{
LoginBlocade loginBlocade = dbContext.GetBlocadeByIp(ipAddress);
if (loginBlocade == null)
{
loginBlocade = new LoginBlocade()
{
IpAddress = ipAddress,
FailCount = 1,
BlockUntil = TruncateDateTime(DateTime.Now)
};
dbContext.SaveIpBlocade(loginBlocade);
}
else
{
loginBlocade = UpdateBlocadeParams(loginBlocade, interval);
dbContext.UpdateIpBlocade(loginBlocade);
}
return(loginBlocade);
}
public LoginBlocade CreateOrUpdateLoginUserIdBlocade(int userId, TimeInterval interval = TimeInterval.Seconds)
{
LoginBlocade loginBlocade = dbContext.GetBlocadeByUserId(userId);
if (loginBlocade == null)
{
loginBlocade = new LoginBlocade()
{
UserId = userId,
FailCount = 1,
BlockUntil = TruncateDateTime(DateTime.Now)
};
dbContext.SaveUserBlocade(loginBlocade);
}
else
{
loginBlocade = UpdateBlocadeParams(loginBlocade, interval);
dbContext.UpdateUserBlocade(loginBlocade);
}
return(loginBlocade);
}
