/// <summary>
/// Completes the second step of a two-factor sign-in for the user returned by
/// <c>GetVerifiedUserId()</c>.
/// </summary>
/// <param name="provider">Two-factor provider name, forwarded to <c>VerifyTwoFactorToken</c>.</param>
/// <param name="code">Code submitted by the user.</param>
/// <param name="isPersistent">Forwarded unchanged to <c>SignInAsync</c>.</param>
/// <param name="rememberBrowser">Forwarded unchanged to <c>SignInAsync</c>.</param>
/// <returns>
/// <c>Success</c> when the code verifies, <c>LockedOut</c> when the account is locked,
/// otherwise <c>Failure</c>.
/// </returns>
public SignInStatus TwoFactorSignIn(string provider, string code, bool isPersistent, bool rememberBrowser)
{
    var verifiedId = GetVerifiedUserId();
    if (verifiedId == null)
    {
        return SignInStatus.Failure;
    }

    var account = UserManager.FindById(verifiedId);
    if (account == null)
    {
        return SignInStatus.Failure;
    }

    // The lockout check runs before the code is verified, so a locked account is
    // rejected even when the submitted code is correct.
    if (UserManager.IsLockedOut(account.Id))
    {
        return SignInStatus.LockedOut;
    }

    if (!UserManager.VerifyTwoFactorToken(account.Id, provider, code))
    {
        // A wrong code counts towards lockout, which limits repeated guessing.
        UserManager.AccessFailed(account.Id);
        return SignInStatus.Failure;
    }

    // A correct code clears the failed-access counter used for lockout.
    UserManager.ResetAccessFailedCount(account.Id);

    // NOTE(review): the result of SignInAsync is not awaited or inspected here; confirm the
    // helper completes synchronously in this code base.
    SignInAsync(account, isPersistent, rememberBrowser);
    return SignInStatus.Success;
}
/// <summary>
/// Signs a user in with user name and password, optionally counting failures towards lockout.
/// </summary>
/// <param name="userName">Name used to look the user up.</param>
/// <param name="password">Password to check.</param>
/// <param name="isPersistent">Forwarded to <c>SignInOrTwoFactor</c>.</param>
/// <param name="shouldLockout">When true, a wrong password increments the failed-access counter.</param>
/// <returns>
/// The result of <c>SignInOrTwoFactor</c> on a correct password, <c>LockedOut</c> when the
/// account is (or has just become) locked, otherwise <c>Failure</c>.
/// </returns>
public SignInStatus PasswordSignIn(string userName, string password, bool isPersistent, bool shouldLockout)
{
    var account = UserManager.FindByName(userName);
    if (account == null)
    {
        return SignInStatus.Failure;
    }

    if (UserManager.IsLockedOut(account.Id))
    {
        return SignInStatus.LockedOut;
    }

    if (UserManager.CheckPassword(account, password))
    {
        // NOTE(review): the failed-access counter is not reset on this path in the visible
        // code; confirm SignInOrTwoFactor (or a later step) resets it, otherwise occasional
        // typos accumulate across successful logins until the account locks.
        return SignInOrTwoFactor(account, isPersistent);
    }

    if (!shouldLockout)
    {
        // With shouldLockout == false wrong passwords are never counted, so nothing in
        // this method limits repeated guesses.
        return SignInStatus.Failure;
    }

    // Record the failure; this may be the attempt that locks the account.
    UserManager.AccessFailed(account.Id);
    return UserManager.IsLockedOut(account.Id) ? SignInStatus.LockedOut : SignInStatus.Failure;
}
/// <summary>
/// Validates a user name / password pair and builds the principal for it.
/// </summary>
/// <param name="userName">Name used to look the user up.</param>
/// <param name="password">Password to check.</param>
/// <returns>
/// A <see cref="ClaimsPrincipal"/> whose identity is created with authentication type
/// "HTTP Basic", or <c>null</c> when the user is unknown, locked out, or the password is wrong.
/// </returns>
protected override IPrincipal ValidateUser(string userName, string password)
{
    var account = _userManager.FindByName(userName);

    // Unknown user and locked account are reported the same way as a wrong password (null),
    // so the caller cannot tell the cases apart.
    if (account == null || _userManager.IsLockedOut(account.Id))
    {
        return null;
    }

    if (!_userManager.CheckPassword(account, password))
    {
        if (_userManager.SupportsUserLockout)
        {
            _userManager.AccessFailed(account.Id);
        }

        return null;
    }

    // NOTE(review): IsLockedOut and ResetAccessFailedCount are called without the
    // SupportsUserLockout guard that protects AccessFailed; confirm the store always
    // supports lockout or guard these calls the same way.
    _userManager.ResetAccessFailedCount(account.Id);

    var identity = _userManager.CreateIdentity(account, "HTTP Basic");
    return new ClaimsPrincipal(identity);
}
/// <summary>
/// Signs the user in with user name and password, rejecting inactive and locked accounts.
/// </summary>
/// <param name="userName">Name used to look the user up.</param>
/// <param name="password">Password to check.</param>
/// <param name="ipAddress">Forwarded unchanged to <c>SignInOrTwoFactor</c>.</param>
/// <param name="isPersistent">Forwarded unchanged to <c>SignInOrTwoFactor</c>.</param>
/// <param name="shouldLockout">When true, a wrong password increments the failed-access counter.</param>
/// <returns>
/// The result of <c>SignInOrTwoFactor</c> on a correct password, <c>LockedOut</c> when the
/// account is (or has just become) locked, otherwise <c>Failure</c>.
/// </returns>
public SignInStatus TronixPasswordSignIn(string userName, string password, string[] ipAddress, bool isPersistent = false, bool shouldLockout = false)
{
    // A null UserManager yields a null user and therefore Failure.
    var account = UserManager?.FindByName(userName);

    // Unknown and inactive accounts get the same answer as a wrong password.
    if (account == null || account.Inactive)
    {
        return SignInStatus.Failure;
    }

    if (UserManager.IsLockedOut(account.Id))
    {
        return SignInStatus.LockedOut;
    }

    if (UserManager.CheckPassword(account, password))
    {
        UserManager.ResetAccessFailedCount(account.Id);
        return SignInOrTwoFactor(account, isPersistent, ipAddress);
    }

    // shouldLockout defaults to false; in that mode wrong passwords are not counted, so
    // callers that want throttling must pass true explicitly.
    if (shouldLockout)
    {
        // Record the failure; this may be the attempt that locks the account.
        UserManager.AccessFailed(account.Id);
        if (UserManager.IsLockedOut(account.Id))
        {
            return SignInStatus.LockedOut;
        }
    }

    return SignInStatus.Failure;
}
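/// <summary>
/// Processes a posted login form: verifies the credentials, applies this action's own
/// failed-attempt and lockout bookkeeping, and issues the application cookie on success.
/// </summary>
/// <param name="details">Posted login form; <c>Name</c> and <c>Password</c> are read.</param>
/// <param name="returnUrl">
/// Caller-supplied URL to return to after sign-in. It is followed only when it is local
/// to this application; anything else falls back to Home/Index.
/// </param>
/// <returns>A redirect on success, otherwise the login view with model errors.</returns>
public async Task<ActionResult> Login(LoginViewModel details, string returnUrl)
{
    // user is non-null only when name and password both match; currUser is the account
    // with that name regardless of the password.
    AppUser user = await UserManager.FindAsync(details.Name, details.Password);
    AppUser currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name);

    if ((user == null) || (currUser != null && UserManager.IsLockedOut(currUser.Id)))
    {
        if (currUser != null)
        {
            currUser.LockoutEnabled = true;
            if (UserManager.IsLockedOut(currUser.Id))
            {
                // Already locked: report the end of the lockout, even if the password was correct.
                ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
                UserManager.ResetAccessFailedCount(currUser.Id);
            }
            else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1)
            {
                // This failure reaches the limit: lock the account for one minute.
                currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1);
                await UserManager.UpdateAsync(currUser);
                UserManager.ResetAccessFailedCount(currUser.Id);
                ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
            }
            else
            {
                // Below the limit: count the failure and report the remaining attempts.
                UserManager.AccessFailed(currUser.Id);
                ModelState.AddModelError("", $"Некорректный пароль осталось {UserManager.MaxFailedAccessAttemptsBeforeLockout - UserManager.GetAccessFailedCount(currUser.Id)} попытки.");
            }
        }
        else
        {
            // NOTE(review): this message differs from the wrong-password message, so the
            // response reveals whether a user name exists; consider one generic message.
            ModelState.AddModelError("", "Некорректное имя.");
        }
    }
    else
    {
        ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
        await UserManager.ResetAccessFailedCountAsync(user.Id);

        // Drop any existing session before issuing the new cookie.
        AuthManager.SignOut();
        AuthManager.SignIn(new AuthenticationProperties { IsPersistent = true }, ident);
        AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in");

        // returnUrl comes from the request. Redirecting to it unchecked lets a crafted
        // login link send a freshly authenticated user to an external site, so only
        // URLs local to this application are followed.
        if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
        {
            return Redirect(returnUrl);
        }

        return RedirectToActionPermanent("Index", "Home");
    }

    return View(details);
}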
/// <summary>
/// Checks that a single <c>AccessFailed</c> call succeeds and leaves the failed-access
/// counter at 1 for a freshly created user.
/// </summary>
public void CanIncrementFailedAttempts()
{
    // Arrange: a limit of 5 keeps one failure well below the lockout threshold.
    UserManager.MaxFailedAccessAttemptsBeforeLockout = 5;
    var account = CreateBasicUser();

    // Act
    var outcome = UserManager.AccessFailed(account.Id);

    // Assert
    outcome.Succeeded.ShouldBe(true);
    var failures = UserManager.GetAccessFailedCount(account.Id);
    failures.ShouldBe(1);
}
/// <summary>
/// Checks that three consecutive <c>AccessFailed</c> calls lock an account when the
/// limit is 3 and lockout is enabled for the user.
/// </summary>
public void LockoutAccount()
{
    var store = new UserStore<ApplicationUser>(this._session);
    var manager = new UserManager<ApplicationUser>(store)
    {
        MaxFailedAccessAttemptsBeforeLockout = 3,
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(10),
    };

    // NOTE(review): the user name literal below appears masked in this listing while the
    // lookup uses "test"; the two must match for Find to return the user. The result of
    // Create is also not checked.
    manager.Create(new ApplicationUser { UserName = "******", LockoutEnabled = true }, "Welcome");
    var user = manager.Find("test", "Welcome");

    Assert.AreEqual(0, manager.GetAccessFailedCount(user.Id));

    // The first two failures are only counted.
    for (var failures = 1; failures <= 2; failures++)
    {
        manager.AccessFailed(user.Id);
        Assert.AreEqual(failures, manager.GetAccessFailedCount(user.Id));
    }

    // The third failure reaches the limit and locks the account.
    manager.AccessFailed(user.Id);
    Assert.IsTrue(manager.IsLockedOut(user.Id));
}
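/// <summary>
/// Checks the submitted credentials and maintains the failed-access counter.
/// </summary>
/// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// <c>true</c> only when the password is correct and the e-mail address is confirmed.
/// Every other outcome returns <c>false</c> and sets one of the members
/// <c>UserNoFound</c>, <c>Locked</c> or <c>PasswordIncorrent</c>.
/// </returns>
bool ValidLogin(Login login)
{
    // Both objects are IDisposable; dispose them so the store's underlying resources
    // are released on every call.
    using (UserStore<IdentityUser> userStore = new UserStore<IdentityUser>())
    using (UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 5
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null)
        {
            UserNoFound = true;
            return false;
        }

        // User is locked out.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
        {
            Locked = true;
            return false;
        }

        if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id))
        {
            // A valid login clears earlier failures.
            if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
            {
                userManager.ResetAccessFailedCount(user.Id);
            }

            return true;
        }

        // Login is invalid. As before, a correct password with an unconfirmed e-mail
        // address is treated like a wrong password.
        PasswordIncorrent = true;

        // Count the failure when lockout applies to this user.
        if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
        {
            userManager.AccessFailed(user.Id);
        }

        // Always reject. Previously the method fell through to "return true" when lockout
        // was not enabled for the user, accepting a wrong password for such accounts.
        return false;
    }
}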
//public void DeleteRole(string roleId)
//{
//    var roleUsers = _db.Users.Where(u => u.Roles.Any(r => r.RoleId == roleId));
//    var role = _db.Roles.Find(roleId);
//    foreach (var user in roleUsers)
//    {
//        this.RemoveFromRole(user.Id, role.Name);
//    }
//    _db.Roles.Remove(role);
//    _db.SaveChanges();
//}

/// <summary>
/// Click handler for the login form: checks the credentials, writes a statistics record
/// for each outcome, and signs the user in or shows a failure message.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void LogIn(object sender, EventArgs e)
{
    if (!IsValid)
    {
        return;
    }

    // Validate the user password
    var manager = new UserManager();
    ApplicationUser user = manager.Find(UserName.Text, Password.Text);

    if (user != null)
    {
        if (manager.IsLockedOut(user.Id))
        {
            // Correct credentials on a locked account are still refused.
            usrststr.WriteStat(user.Id, "User is blocked");
            FailureText.Text = "User is blocked";
            ErrorMessage.Visible = true;
        }
        else
        {
            manager.ResetAccessFailedCount(user.Id);

            // The third argument was previously RememberMe.Checked; it is now always false.
            IdentityHelper.SignIn(manager, user, false);

            // Statistics record for the successful login.
            usrststr.WriteStat(user.Id, "Login");

            IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response);
        }

        return;
    }

    // The credentials did not match; find out whether the user name exists at all.
    var named = manager.FindByName(UserName.Text);
    if (named == null)
    {
        // NOTE(review): "Invalid username." and "Invalid password." are different messages,
        // so the page reveals which user names exist; consider one generic message.
        FailureText.Text = "Invalid username.";
        ErrorMessage.Visible = true;
        return;
    }

    usrststr.WriteStat(named.Id, "Invalid password.");
    FailureText.Text = "Invalid password.";
    ErrorMessage.Visible = true;

    // Nothing more is recorded for an account that is already locked.
    if (manager.IsLockedOut(named.Id))
    {
        return;
    }

    // NOTE(review): failures are not counted for members of "Administrator", so those
    // accounts never lock out and get no throttling from this handler; confirm that
    // another control (MFA, rate limiting) covers them.
    if (!manager.IsInRole(named.Id, "Administrator"))
    {
        manager.SetLockoutEnabled(named.Id, true);
        manager.AccessFailed(named.Id);
    }

    usrststr.WriteStat(named.Id, "Access denied.");
}
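/// <summary>
/// Checks the submitted credentials and maintains the failed-access counter.
/// </summary>
/// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// <c>true</c> only when the password is correct and the e-mail address is confirmed;
/// <c>false</c> for an unknown user, a locked account, or any invalid login.
/// </returns>
bool ValidLogin(Login login)
{
    // Both objects are IDisposable; dispose them so the store's underlying resources
    // are released on every call.
    using (UserStore<IdentityUser> userStore = new UserStore<IdentityUser>())
    using (UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 3
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null)
        {
            return false;
        }

        // User is locked out.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
        {
            return false;
        }

        if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id))
        {
            // A valid login clears earlier failures.
            if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
            {
                userManager.ResetAccessFailedCount(user.Id);
            }

            return true;
        }

        // Login is invalid (a correct password with an unconfirmed e-mail address is
        // treated the same way, as before). Count the failure when lockout applies.
        if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
        {
            userManager.AccessFailed(user.Id);
        }

        // Always reject. Previously the method fell through to "return true" when lockout
        // was not enabled for the user, accepting a wrong password for such accounts.
        return false;
    }
}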
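/// <summary>
/// Checks the submitted credentials, maintains the failed-access counter, and runs the
/// captcha check for a failed login on an account without lockout.
/// </summary>
/// <param name="login">Submitted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
/// <returns>
/// <c>true</c> only when the password is correct; <c>false</c> for an unknown user,
/// a locked account, or a wrong password.
/// </returns>
bool ValidLogin(Login login)
{
    // Both objects are IDisposable; dispose them so the store's underlying resources
    // are released on every call.
    using (UserStore<IdentityUser> userStore = new UserStore<IdentityUser>())
    using (UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore)
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 3
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null)
        {
            return false;
        }

        // User is locked out.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
        {
            return false;
        }

        if (userManager.CheckPassword(user, login.Password))
        {
            // A valid login clears earlier failures.
            if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
            {
                userManager.ResetAccessFailedCount(user.Id);
            }

            return true;
        }

        // Login is invalid so increment failed attempts when lockout applies to this user.
        if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
        {
            userManager.AccessFailed(user.Id);
            return false;
        }

        // Without lockout the captcha is the only throttle. As before, it is evaluated
        // only after a wrong password and its result only sets the error text.
        // NOTE(review): consider requiring a valid captcha before the password is checked.
        CaptchaHelper captchaHelper = new CaptchaHelper();
        string captchaResponse = captchaHelper.CheckRecaptcha();
        if (captchaResponse != "Valid")
        {
            ViewBag.ErrorResponse = "The captcha must be valid";
        }

        // Always reject. Previously the method fell through to "return true" here,
        // accepting a wrong password for accounts without lockout.
        return false;
    }
}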
/// <summary>
/// Processes the sign-in form and writes one <c>SignInLogModel</c> row per attempt.
/// </summary>
/// <remarks>
/// Status codes written to the log: 0 success, -1 invalid model state, -2 deleted account,
/// -3 account already locked, -4 account disabled, -5 password-change skip count reached 3,
/// -6 this failure locked the account, -7 any other failure (unknown user or wrong password).
/// </remarks>
/// <param name="model">Posted form; only <c>SinginId</c> and <c>Password</c> are bound.</param>
/// <returns>The sign-in view with an error, or a redirect after a successful sign-in.</returns>
public async Task<ActionResult> SignIn([Bind(Include = "SinginId,Password")] SignInViewModel model)
{
    bool passwordAccepted = false;
    SignInLogModel entry = new SignInLogModel
    {
        ClientIp = GetClientIp(),
        UserCode = model.SinginId
    };

    if (!ModelState.IsValid)
    {
        entry.SetStatus(-1);
        dbContext.SignInLogModels.Add(entry);
        dbContext.SaveChanges();
        return View(model);
    }

    UserModel user = await UserManager.FindByNameAsync(model.SinginId);
    if (user != null)
    {
        entry.UserModelId = user.Id;

        // A deleted account gets the same generic error as an unknown user.
        if (user.Deleted)
        {
            entry.SetStatus(-2);
            dbContext.SignInLogModels.Add(entry);
            dbContext.SaveChanges();
            ModelState.AddModelError("", AuthResources.AuthError);
            return View(model);
        }

        // The lockout check runs before the password check, so a locked account is
        // refused without evaluating the password.
        if (UserManager.IsLockedOut(user.Id))
        {
            entry.SetStatus(-3);
            dbContext.SignInLogModels.Add(entry);
            dbContext.SaveChanges();
            ModelState.AddModelError("", AuthResources.AuthUserLockedOut);
            return View(model);
        }

        if (!UserManager.CheckPassword(user, model.Password))
        {
            // Count the failure; report the lockout when this attempt triggered it.
            UserManager.AccessFailed(user.Id);
            if (UserManager.IsLockedOut(user.Id))
            {
                entry.SetStatus(-6);
                dbContext.SignInLogModels.Add(entry);
                dbContext.SaveChanges();
                ModelState.AddModelError("", AuthResources.AuthUserLockedOutNow);
                return View(model);
            }
        }
        else
        {
            // The disabled and skip-count states are disclosed only after the password was verified.
            if (user.Enabled == false)
            {
                entry.SetStatus(-4);
                dbContext.SignInLogModels.Add(entry);
                dbContext.SaveChanges();
                ModelState.AddModelError("", AuthResources.AuthUserDisabled);
                return View(model);
            }

            if (user.PasswordSkipCnt >= 3)
            {
                entry.SetStatus(-5);
                dbContext.SignInLogModels.Add(entry);
                dbContext.SaveChanges();
                ModelState.AddModelError("", AuthResources.AuthPasswordNoChange);
                return View(model);
            }

            passwordAccepted = true;
        }
    }

    if (!passwordAccepted)
    {
        // Unknown user, or wrong password that did not lock the account: generic error.
        entry.SetStatus(-7);
        dbContext.SignInLogModels.Add(entry);
        dbContext.SaveChanges();
        ModelState.AddModelError("", AuthResources.AuthError);
        return View(model);
    }

    user = await UserManager.FindAsync(model.SinginId, model.Password);
    AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
    ClaimsIdentity userIdentity = await user.GenerateUserIdentityAsync(UserManager);
    AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
    await UserManager.ResetAccessFailedCountAsync(user.Id);

    entry.SetStatus(0);
    dbContext.SignInLogModels.Add(entry);
    dbContext.SaveChanges();

    // NOTE(review): the session is issued before the expiry check, so the redirect below
    // only prompts for a password change; it is the PasswordSkipCnt limit checked earlier
    // that stops repeated skipping.
    if (user.Expiration < DateTime.Now)
    {
        user.PasswordSkipCnt++;
        await UserManager.UpdateAsync(user);
        return RedirectToAction("ExpirationChangePassword");
    }

    return RedirectToHome();
}
/// <summary>
/// Processes the login form: loads the lockout settings from configuration, verifies the
/// password against the stored hash, and signs the user in.
/// </summary>
/// <param name="model">Posted form; <c>UserName</c>, <c>Password</c> and <c>RememberMe</c> are read.</param>
/// <param name="returnUrl">Forwarded to <c>RedirectToLocal</c> after a successful sign-in.</param>
/// <returns>A redirect on success, otherwise the login view.</returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    try
    {
        // Lockout policy is read from AppSettings and applied to UserManager on every request.
        var settings = ConfigurationManager.AppSettings;
        UserManager.UserLockoutEnabledByDefault = Convert.ToBoolean(settings["UserLockoutEnabled"]);
        UserManager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(Convert.ToDouble(settings["AccountLockoutTimeSpan"]));
        UserManager.MaxFailedAccessAttemptsBeforeLockout = Convert.ToInt32(settings["MaxFailedAccessAttemptsBeforeLockout"]);

        var usuario = await UserManager.FindByNameAsync(model.UserName);
        if (usuario != null)
        {
            if (await UserManager.IsLockedOutAsync(usuario.Id))
            {
                var lockedMessage = string.Format(
                    CommonMensajesResource.ERROR_Identity_UsuarioBloqueadoTemporalmente,
                    settings["AccountLockoutTimeSpan"],
                    settings["MaxFailedAccessAttemptsBeforeLockout"]);
                ModelState.AddModelError("", lockedMessage);
                return View(model);
            }

            // Only Failed is rejected, so SuccessRehashNeeded also counts as a valid password.
            var verification = UserManager.PasswordHasher.VerifyHashedPassword(usuario.PasswordHash, model.Password);
            if (verification != PasswordVerificationResult.Failed)
            {
                // NOTE(review): the failed-access counter is not reset on this path in the
                // visible code; confirm SignInAsync resets it, otherwise earlier failures
                // keep counting towards lockout after a successful login.
                await SignInAsync(usuario, model.RememberMe);
                return RedirectToLocal(returnUrl);
            }

            UserManager.AccessFailed(usuario.Id);
            ModelState.AddModelError("", CommonMensajesResource.ERROR_Identity_UsuarioPassword);
            return View(model);
        }

        // Unknown user: fall through to the same generic error used for a wrong password.
    }
    catch (BusinessException businessEx)
    {
        string controllerName = ControllerContext.Controller.ValueProvider.GetValue("controller").RawValue.ToString();
        string actionName = ControllerContext.Controller.ValueProvider.GetValue("action").RawValue.ToString();
        string businessEntry = CommonManager.BuildMessageLog(TipoMensaje.Error, controllerName, actionName, businessEx.ToString(), Request);
        CommonManager.WriteBusinessLog(businessEntry, TipoMensaje.Error);
        return View(model);
    }
    catch (Exception e)
    {
        // Unexpected errors are logged and then shown as the generic credentials error below.
        string controllerName = ControllerContext.Controller.ValueProvider.GetValue("controller").RawValue.ToString();
        string actionName = ControllerContext.Controller.ValueProvider.GetValue("action").RawValue.ToString();
        string appEntry = CommonManager.BuildMessageLog(TipoMensaje.Error, controllerName, actionName, e.ToString(), Request);
        CommonManager.WriteAppLog(appEntry, TipoMensaje.Error);
    }

    ModelState.AddModelError("", CommonMensajesResource.ERROR_Identity_UsuarioPassword);
    return View(model);
}
/// <summary>
/// Checks that the failed-access counter goes 0, 1, 2 and that the third
/// <c>AccessFailed</c> call locks the account when the limit is 3.
/// </summary>
public void LockoutAccount()
{
    // Arrange: limit of three failures, ten-minute lockout, lockout on by default.
    var identityManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session))
    {
        MaxFailedAccessAttemptsBeforeLockout = 3,
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(10),
    };

    // NOTE(review): the user name literal appears masked in this listing while the lookup
    // below uses "test"; the two must match for Find to return the user.
    var candidate = new ApplicationUser() { UserName = "******", LockoutEnabled = true };
    identityManager.Create(candidate, "Welcome");

    var user = identityManager.Find("test", "Welcome");
    var userId = user.Id;

    // Act and assert: the counter starts at zero and grows by one per failure.
    Assert.AreEqual(0, identityManager.GetAccessFailedCount(userId));

    identityManager.AccessFailed(userId);
    Assert.AreEqual(1, identityManager.GetAccessFailedCount(userId));

    identityManager.AccessFailed(userId);
    Assert.AreEqual(2, identityManager.GetAccessFailedCount(userId));

    // The third failure reaches the limit and locks the account.
    identityManager.AccessFailed(userId);
    Assert.IsTrue(identityManager.IsLockedOut(userId));
}
/// <summary>
/// Click handler for the login button: checks the credentials, applies lockout
/// bookkeeping, and on success signs the user in and redirects.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event arguments (unused).</param>
protected void BtnIniciar_Click1(object sender, EventArgs e)
{
    var store = new UserStore<IdentityUser>();
    var manager = new UserManager<IdentityUser>(store);

    var account = manager.FindByName(UserName.Text);
    if (account == null)
    {
        // NOTE(review): this text differs from the messages shown for an existing user,
        // so the page reveals which user names exist; consider one generic message.
        StatusText.Text = "Invalid username or password.";
        return;
    }

    // The password is evaluated even when the account turns out to be locked.
    var authenticated = manager.Find(UserName.Text, Password.Text);

    if (manager.IsLockedOut(account.Id))
    {
        string lockedMessage = string.Format(
            "Your account has been locked out for {0} minutes due to multiple failed login attempts.",
            ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
        ModelState.AddModelError("", lockedMessage);
        StatusText.Text = lockedMessage;
        return;
    }

    bool lockoutApplies = manager.GetLockoutEnabled(account.Id);

    if (lockoutApplies && authenticated == null)
    {
        // Count the failure, then report either the lockout or the attempts left.
        manager.AccessFailed(account.Id);

        string message;
        if (manager.IsLockedOut(account.Id))
        {
            message = string.Format(
                "Your account has been locked out for {0} minutes due to multiple failed login attempts.",
                ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString());
        }
        else
        {
            int accessFailedCount = manager.GetAccessFailedCount(account.Id);
            int maxAttempts = Convert.ToInt32(ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString());
            int attemptsLeft = maxAttempts - accessFailedCount;
            message = string.Format(
                "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.",
                attemptsLeft);
        }

        StatusText.Text = message;
        ModelState.AddModelError("", message);
        return;
    }

    if (authenticated == null)
    {
        // Lockout is not enabled for this user, so the failure is not counted.
        ModelState.AddModelError("", "Invalid credentials. Please try again.");
        StatusText.Text = "Invalid credentials. Please try again.";
        return;
    }

    var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
    var userIdentity = manager.CreateIdentity(account, DefaultAuthenticationTypes.ApplicationCookie);
    authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
    manager.ResetAccessFailedCount(account.Id);

    string vig = DateTime.Now.Year.ToString();
    SetCookieUser(UserName.Text, vig);

    string url = Request.QueryString["ReturnUrl"];
    if (string.IsNullOrEmpty(url))
    {
        // No return URL: choose the landing page from the user's menu options.
        gesMenuAdapter mg = new gesMenuAdapter();
        List<dataTree> l = mg.getOpciones("INICI", UserName.Text);

        // NOTE(review): the role is written to a cookie via SetCookieRol; if that cookie is
        // later used for authorization it must be integrity-protected, or the role should
        // be re-derived server-side. Confirm against SetCookieRol and its readers.
        if (l.Any(t => t.roles == "INICIAdministrativo"))
        {
            SetCookieRol("administrador");
            url = "/Inicio/Administrativo/Inicio.aspx";
        }
        else if (l.Any(t => t.roles == "INICIAcudientes"))
        {
            SetCookieRol("acudiente");
            url = "/Inicio/Acudientes/Inicio.aspx";
        }
    }

    // NOTE(review): a ReturnUrl from the query string is passed through unchanged; confirm
    // IdentityHelper.RedirectToReturnUrl only follows URLs local to this site.
    IdentityHelper.RedirectToReturnUrl(url, Response);
}