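/// <summary>
/// A failure count bumped on the entity and persisted through UserManager.Update
/// must be readable back through UserManager.GetAccessFailedCount.
/// </summary>
public void CanGetFailedAttempts()
{
    // Arrange: a fresh user (zero failures).
    var user = CreateBasicUser();

    // Act: increment on the entity and persist.
    user.IncrementLoginFailureCount();
    var updateResult = UserManager.Update(user);

    // Assert: the write itself must succeed; otherwise the count assertion below
    // would pass or fail for the wrong reason.
    updateResult.Succeeded.ShouldBe(true);
    UserManager.GetAccessFailedCount(user.Id).ShouldBe(1);
}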
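/// <summary>
/// POST login. Authenticates through the SignInManager with lockout counting
/// enabled; on success records the shop of the user's first staff role and
/// redirects to the requested URL.
/// </summary>
/// <param name="model">Posted e-mail, password and "remember me" flag.</param>
/// <param name="returnUrl">Post-login destination, passed to RedirectToLocal (expected to reject non-local URLs — confirm).</param>
/// <returns>A redirect on success; otherwise the login view with a model error.</returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // shouldLockout: true makes Identity count this failure and lock the account
    // once MaxFailedAccessAttemptsBeforeLockout is reached.
    var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: true);

    switch (result)
    {
        case SignInStatus.Success:
        {
            var user = await UserManager.FindByEmailAsync(model.Email);

            // Pick the shop of the first role that is one of the allowed staff roles.
            // A user with none of these roles is still signed in but gets no shop
            // (unchanged behaviour; revisit if that is not intended).
            foreach (var r in RoleStore.GetRoles(user.Id))
            {
                var userRole = await RoleStore.FindByIdAsync(r.RoleId);
                if (userRole.Name == "Admin" || userRole.Name == "Manager" || userRole.Name == "Cashier" || userRole.Name == "Chef")
                {
                    this.SetShopId(r.ShopID);
                    break;
                }
            }
            return RedirectToLocal(returnUrl);
        }

        case SignInStatus.LockedOut:
        {
            // LockedOut is only returned for an existing account, so the lookup cannot be null here.
            var user = await UserManager.FindByEmailAsync(model.Email);
            var lockoutEnd = await UserManager.GetLockoutEndDateAsync(user.Id);
            // Subtract on one clock (UTC) instead of converting both sides to local time.
            var secondsLeft = (int)(lockoutEnd - DateTimeOffset.UtcNow).TotalSeconds;
            ModelState.AddModelError("", String.Format("Bạn phải chờ {0}s, mới được login lại", secondsLeft));
            return View(model);
        }

        case SignInStatus.Failure:
        default:
            // One generic message for "no such account" and "wrong password": the
            // previous per-case messages let an attacker enumerate registered e-mails
            // and learn how many attempts remain before lockout.
            ModelState.AddModelError("", "Email hoặc mật khẩu không đúng.");
            return View(model);
    }
}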
/// <summary>
/// One AccessFailed call must succeed and leave the user's failure count at exactly 1.
/// </summary>
public void CanIncrementFailedAttempts()
{
    // Threshold well above one, so a single failure cannot trigger a lockout.
    UserManager.MaxFailedAccessAttemptsBeforeLockout = 5;
    var subject = CreateBasicUser();

    var outcome = UserManager.AccessFailed(subject.Id);

    outcome.Succeeded.ShouldBe(true);
    var failures = UserManager.GetAccessFailedCount(subject.Id);
    failures.ShouldBe(1);
}
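/// <summary>
/// Signs in a registered user by e-mail and password and issues the application cookie.
/// </summary>
/// <param name="userModel">Credentials; UserName holds the e-mail address.</param>
/// <param name="isPersistent">Whether the application cookie outlives the browser session.</param>
/// <returns>
/// Success=true with the user's first role (e.g. BusinessUser, User, Admin) on a valid login;
/// otherwise Success=false with EMAIL_NOT_FOUND (unknown e-mail) or INVALID_LOGIN
/// (wrong password, locked out, or any other non-success status).
/// </returns>
public AuthenticationServiceResponse SignInUser(UserModel userModel, bool isPersistent = false)
{
    var user = UserManager.FindByEmail(userModel.UserName);
    if (user == null)
    {
        // NOTE(review): a distinct message here tells callers which e-mails are
        // registered; consider returning INVALID_LOGIN for this case too.
        return new AuthenticationServiceResponse() { Success = false, Message = UserLoginConstants.EMAIL_NOT_FOUND };
    }

    // Failures are counted (and can lock the account) only when the user's own
    // LockoutEnabled flag is set; UserLockoutEnabledByDefault only applies at creation.
    SignInStatus signStatus = SignInManager.PasswordSignIn(userModel.UserName, userModel.Password, false, user.LockoutEnabled);
    if (signStatus != SignInStatus.Success)
    {
        // Previously, once more than half of the allowed attempts had failed, a wrong
        // password fell through to the "Login Successfully" response (Success = true
        // with no cookie issued). Any non-success status is a failed login.
        return new AuthenticationServiceResponse() { Success = false, Message = UserLoginConstants.INVALID_LOGIN };
    }

    // Role is read only after authentication succeeded, so it is never returned for a failed attempt.
    string role = UserManager.GetRoles(user.Id).FirstOrDefault();

    SignInManager.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
    // .Result is kept because this method is synchronous; an async counterpart would avoid the blocking wait.
    var identity = user.GenerateUserIdentityAsync(UserManager, true).Result;
    SignInManager.AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);

    return new AuthenticationServiceResponse() { Success = true, Type = role, Message = "Login Successfully" };
}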
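/// <summary>
/// With MaxFailedAccessAttemptsBeforeLockout = 3, three consecutive AccessFailed
/// calls must lock the account; the first two must only raise the counter.
/// </summary>
public void LockoutAccount()
{
    // Create and Find used different user names before ("******" vs "test"), so the
    // Find could return null and the test fail with a null reference instead of an assertion.
    const string userName = "test";
    const string password = "Welcome";

    // The manager owns the store; dispose it even if an assertion throws.
    using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session)))
    {
        userManager.MaxFailedAccessAttemptsBeforeLockout = 3;
        userManager.UserLockoutEnabledByDefault = true;
        userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0);

        var created = userManager.Create(new ApplicationUser() { UserName = userName, LockoutEnabled = true }, password);
        Assert.IsTrue(created.Succeeded, string.Join("; ", created.Errors));

        var user = userManager.Find(userName, password);
        Assert.IsNotNull(user);
        Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        userManager.AccessFailed(user.Id);
        Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        userManager.AccessFailed(user.Id);
        Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        // Third failure reaches the threshold. The counter is not asserted here
        // because Identity may reset it when the lockout is applied.
        userManager.AccessFailed(user.Id);
        Assert.IsTrue(userManager.IsLockedOut(user.Id));
    }
}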
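/// <summary>
/// Validates a username/password pair against ASP.NET Identity, honouring lockout,
/// and sets UserNoFound / Locked / PasswordIncorrent so the caller can pick a message.
/// </summary>
/// <param name="login">Posted credentials.</param>
/// <returns>true only when the password is correct, the e-mail is confirmed and the account is not locked out.</returns>
bool ValidLogin(Login login)
{
    // The manager owns the store (and its context); dispose it per call.
    using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 5
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null)
        {
            UserNoFound = true;
            return false;
        }

        // Locked accounts are rejected before the password is checked.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
        {
            Locked = true;
            return false;
        }

        if (!userManager.CheckPassword(user, login.Password))
        {
            PasswordIncorrent = true;
            if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
            {
                userManager.AccessFailed(user.Id);
            }
            // Previously an account with lockout disabled fell through to
            // "return true" here, i.e. any password was accepted for it.
            return false;
        }

        if (!userManager.IsEmailConfirmed(user.Id))
        {
            // Correct password but unconfirmed e-mail: reject without counting it as a
            // failed attempt (it used to be counted and could lock the owner out).
            // The class has no dedicated flag, so the password flag is reused so the
            // caller still renders an error.
            PasswordIncorrent = true;
            return false;
        }

        if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
        {
            userManager.ResetAccessFailedCount(user.Id);
        }
        return true;
    }
}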
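/// <summary>
/// Signs a user in under the given OWIN authentication type.
/// </summary>
/// <param name="model">Credentials; UserName holds the e-mail address.</param>
/// <param name="authenticationType">Authentication type to sign out of and back into.</param>
/// <param name="isPersistent">Whether the cookie outlives the browser session.</param>
/// <returns>
/// Success=true with the issued ClaimsIdentity on a valid login; otherwise Success=false with
/// EMAIL_NOT_FOUND (unknown e-mail) or INVALID_LOGIN (wrong password, locked out, or any other non-success status).
/// </returns>
public AuthenticationServiceResponse SignInUser(LoginModel model, string authenticationType, bool isPersistent = false)
{
    var user = UserManager.FindByEmail(model.UserName);
    if (user == null)
    {
        // NOTE(review): a distinct message here discloses which e-mails are registered.
        return new AuthenticationServiceResponse() { Success = false, Message = UserLoginConstants.EMAIL_NOT_FOUND };
    }

    // The user's own LockoutEnabled flag decides whether failures are counted and can lock the
    // account. .Result is kept because this method is synchronous.
    var signStatus = SignInManager.PasswordSignInAsync(model.UserName, model.Password, false, user.LockoutEnabled).Result;
    if (signStatus != SignInStatus.Success)
    {
        // Previously, once more than half of the allowed attempts had failed, a wrong
        // password fell through to a Success=true response carrying an empty identity.
        return new AuthenticationServiceResponse() { Success = false, Message = UserLoginConstants.INVALID_LOGIN };
    }

    var claimsIdentity = user.GenerateUserIdentityAsync(UserManager, authenticationType, true).Result;
    SignInManager.AuthenticationManager.SignOut(authenticationType);
    SignInManager.AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, claimsIdentity);

    return new AuthenticationServiceResponse() { Success = true, Message = "Login Successfully", identity = claimsIdentity };
}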
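/// <summary>
/// POST login. Validates the credentials, applies a manual one-minute lockout once
/// MaxFailedAccessAttemptsBeforeLockout failures are reached, and on success issues
/// the application cookie plus the basket / wish-list cookies.
/// </summary>
/// <param name="details">Posted user name and password.</param>
/// <param name="returnUrl">Requested post-login destination; only local URLs are followed.</param>
/// <returns>A redirect on success; otherwise the login view with a model error.</returns>
public async Task<ActionResult> Login(LoginViewModel details, string returnUrl)
{
    AppUser user = null;
    AppUser currUser = null;
    if (!string.IsNullOrEmpty(details.Name) && !string.IsNullOrEmpty(details.Password))
    {
        // user is non-null only when the password matches; currUser is the account
        // regardless of the password, for lockout bookkeeping.
        user = await UserManager.FindAsync(details.Name, details.Password);
        currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name);
    }

    bool lockedOut = currUser != null && await UserManager.IsLockedOutAsync(currUser.Id);
    if (user == null || lockedOut)
    {
        if (currUser == null)
        {
            ModelState.AddModelError("", "Некорректное имя или пароль.");
        }
        else
        {
            currUser.LockoutEnabled = true;
            if (lockedOut)
            {
                ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
                await UserManager.ResetAccessFailedCountAsync(currUser.Id);
            }
            else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1)
            {
                // This failure reaches the threshold: lock for one minute and persist
                // LockoutEnabled and LockoutEndDateUtc together.
                currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1);
                await UserManager.UpdateAsync(currUser);
                await UserManager.ResetAccessFailedCountAsync(currUser.Id);
                ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}");
            }
            else
            {
                await UserManager.AccessFailedAsync(currUser.Id);
                var remaining = UserManager.MaxFailedAccessAttemptsBeforeLockout - await UserManager.GetAccessFailedCountAsync(currUser.Id);
                ModelState.AddModelError("", $"Некорректный пароль осталось {remaining} попытки.");
            }
        }
        return View(details);
    }

    ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
    await UserManager.ResetAccessFailedCountAsync(user.Id);
    AuthManager.SignOut();
    AuthManager.SignIn(new AuthenticationProperties { IsPersistent = true }, ident);

    // Push the stored basket to the browser unless the browser already has one and the account has none.
    var existingBasket = Request.Cookies["ShoppingBasket"];
    if (existingBasket == null || string.IsNullOrEmpty(existingBasket["ShoppingBasket"]) || !string.IsNullOrEmpty(user.GoodsInBasket))
    {
        var basketCookie = new HttpCookie("ShoppingBasket");
        basketCookie["ShoppingBasket"] = user.GoodsInBasket;
        Response.Cookies.Add(basketCookie);
    }

    if (!string.IsNullOrEmpty(user.GoodsWishes))
    {
        // Wish count = number of '+' in the stored string halved, matching the stored format.
        var wishesCookie = new HttpCookie("WishesAmount");
        wishesCookie["WishesAmount"] = (user.GoodsWishes.Count(c => c == '+') / 2).ToString();
        Response.Cookies.Add(wishesCookie);
    }

    AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in");

    // Only follow a local return URL: redirecting to an arbitrary host after login is an open redirect.
    if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }
    // A temporary (302) redirect, not a permanent 301, as the answer to a POST.
    return RedirectToAction("Index", "Home");
}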
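/// <summary>
/// Validates a username/password pair against ASP.NET Identity, honouring lockout.
/// </summary>
/// <param name="login">Posted credentials.</param>
/// <returns>true only when the password is correct, the e-mail is confirmed and the account is not locked out.</returns>
bool ValidLogin(Login login)
{
    // The manager owns the store (and its context); dispose it per call.
    using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 3
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null) return false;

        // Locked accounts are rejected before the password is checked.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) return false;

        if (!userManager.CheckPassword(user, login.Password))
        {
            if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
            {
                userManager.AccessFailed(user.Id);
            }
            // Previously an account with lockout disabled fell through to
            // "return true" here, i.e. any password was accepted for it.
            return false;
        }

        // Correct password but unconfirmed e-mail: reject, but do not count it as a
        // failed attempt (it used to be counted and could lock the owner out).
        if (!userManager.IsEmailConfirmed(user.Id)) return false;

        if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
        {
            userManager.ResetAccessFailedCount(user.Id);
        }
        return true;
    }
}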
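/// <summary>
/// Validates a username/password pair against ASP.NET Identity, honouring lockout,
/// and surfaces a captcha error message after a failed attempt.
/// </summary>
/// <param name="login">Posted credentials.</param>
/// <returns>true only when the password is correct and the account is not locked out.</returns>
bool ValidLogin(Login login)
{
    // The manager owns the store (and its context); dispose it per call.
    using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
    {
        UserLockoutEnabledByDefault = true,
        DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
        MaxFailedAccessAttemptsBeforeLockout = 3
    })
    {
        var user = userManager.FindByName(login.UserName);
        if (user == null) return false;

        // Locked accounts are rejected before the password is checked.
        if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) return false;

        if (userManager.CheckPassword(user, login.Password))
        {
            if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
            {
                userManager.ResetAccessFailedCount(user.Id);
            }
            return true;
        }

        // Wrong password: count it where lockout applies.
        if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
        {
            userManager.AccessFailed(user.Id);
            return false;
        }

        // Captcha feedback for accounts without lockout. NOTE(review): this only sets a
        // message and never gates validation; to slow brute force it should be checked
        // before CheckPassword and fail the login when invalid.
        string captchaResponse = new CaptchaHelper().CheckRecaptcha();
        if (captchaResponse != "Valid")
        {
            ViewBag.ErrorResponse = "The captcha must be valid";
        }
        // Previously this path returned true, accepting any password for an
        // account with lockout disabled.
        return false;
    }
}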
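/// <summary>
/// With MaxFailedAccessAttemptsBeforeLockout = 3, three consecutive AccessFailed
/// calls must lock the account; the first two must only raise the counter.
/// </summary>
public void LockoutAccount()
{
    // Create and Find used different user names before ("******" vs "test"), so the
    // Find could return null and the test fail with a null reference instead of an assertion.
    const string userName = "test";
    const string password = "Welcome";

    // The manager owns the store; dispose it even if an assertion throws.
    using (var userManager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this._session)))
    {
        userManager.MaxFailedAccessAttemptsBeforeLockout = 3;
        userManager.UserLockoutEnabledByDefault = true;
        userManager.DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0);

        var created = userManager.Create(new ApplicationUser() { UserName = userName, LockoutEnabled = true }, password);
        Assert.IsTrue(created.Succeeded, string.Join("; ", created.Errors));

        var user = userManager.Find(userName, password);
        Assert.IsNotNull(user);
        Assert.AreEqual(0, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        userManager.AccessFailed(user.Id);
        Assert.AreEqual(1, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        userManager.AccessFailed(user.Id);
        Assert.AreEqual(2, userManager.GetAccessFailedCount(user.Id));
        Assert.IsFalse(userManager.IsLockedOut(user.Id));

        // Third failure reaches the threshold. The counter is not asserted here
        // because Identity may reset it when the lockout is applied.
        userManager.AccessFailed(user.Id);
        Assert.IsTrue(userManager.IsLockedOut(user.Id));
    }
}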
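/// <summary>
/// Login button handler (Web Forms). Applies the lockout policy from appSettings,
/// rejects locked accounts before verifying the password, counts failures, and on
/// success issues the application cookie and redirects by role.
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void BtnIniciar_Click1(object sender, EventArgs e)
{
    // Lockout settings come from appSettings; a missing or malformed key falls back
    // to the Identity defaults instead of throwing a NullReferenceException on .ToString().
    int maxAttempts;
    if (!int.TryParse(ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"], out maxAttempts))
    {
        maxAttempts = 5;
    }
    int lockoutMinutes;
    if (!int.TryParse(ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"], out lockoutMinutes))
    {
        lockoutMinutes = 5;
    }
    string lockedMessage = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", lockoutMinutes);

    // Previously the manager ran with Identity defaults while the messages quoted the
    // appSettings values, so the reported threshold and duration could differ from the
    // ones actually enforced. The manager owns the store; dispose it per request.
    using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
    {
        MaxFailedAccessAttemptsBeforeLockout = maxAttempts,
        DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(lockoutMinutes)
    })
    {
        var user = userManager.FindByName(UserName.Text);
        if (user == null)
        {
            // NOTE(review): this wording differs from the bad-password messages below,
            // which lets a caller tell registered names from unknown ones.
            StatusText.Text = "Invalid username or password.";
            return;
        }

        if (userManager.IsLockedOut(user.Id))
        {
            // Rejected before the password is hashed and compared.
            ModelState.AddModelError("", lockedMessage);
            StatusText.Text = lockedMessage;
            return;
        }

        var validCredentials = userManager.Find(UserName.Text, Password.Text);
        if (validCredentials == null)
        {
            string message;
            if (userManager.GetLockoutEnabled(user.Id))
            {
                userManager.AccessFailed(user.Id);
                if (userManager.IsLockedOut(user.Id))
                {
                    message = lockedMessage;
                }
                else
                {
                    int attemptsLeft = maxAttempts - userManager.GetAccessFailedCount(user.Id);
                    message = string.Format("Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
                }
            }
            else
            {
                message = "Invalid credentials. Please try again.";
            }
            ModelState.AddModelError("", message);
            StatusText.Text = message;
            return;
        }

        var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
        var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);
        authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
        userManager.ResetAccessFailedCount(user.Id);

        string vig = DateTime.Now.Year.ToString();
        SetCookieUser(UserName.Text, vig);

        // Without a ReturnUrl, pick the landing page from the user's INICI menu roles.
        string url = Request.QueryString["ReturnUrl"];
        if (string.IsNullOrEmpty(url))
        {
            List<dataTree> opciones = new gesMenuAdapter().getOpciones("INICI", UserName.Text);
            if (opciones.Any(t => t.roles == "INICIAdministrativo"))
            {
                SetCookieRol("administrador");
                url = "/Inicio/Administrativo/Inicio.aspx";
            }
            else if (opciones.Any(t => t.roles == "INICIAcudientes"))
            {
                SetCookieRol("acudiente");
                url = "/Inicio/Acudientes/Inicio.aspx";
            }
        }
        // NOTE(review): ReturnUrl comes straight from the query string; this relies on
        // IdentityHelper.RedirectToReturnUrl rejecting non-local URLs — confirm.
        IdentityHelper.RedirectToReturnUrl(url, Response);
    }
}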