protected override IPrincipal ValidateUser(string userName, string password) { var user = _userManager.FindByName(userName); if (user == null) { return(null); } if (_userManager.IsLockedOut(user.Id)) { return(null); } var result = _userManager.CheckPassword(user, password); if (result) { _userManager.ResetAccessFailedCount(user.Id); return(new ClaimsPrincipal(_userManager.CreateIdentity(user, "HTTP Basic"))); } if (_userManager.SupportsUserLockout) { _userManager.AccessFailed(user.Id); } return(null); }
public SignInStatus TwoFactorSignIn(string provider, string code, bool isPersistent, bool rememberBrowser) { var userId = GetVerifiedUserId(); if (userId == null) { return(SignInStatus.Failure); } var user = UserManager.FindById(userId); if (user == null) { return(SignInStatus.Failure); } if (UserManager.IsLockedOut(user.Id)) { return(SignInStatus.LockedOut); } if (UserManager.VerifyTwoFactorToken(user.Id, provider, code)) { // When token is verified correctly, clear the access failed count used for lockout UserManager.ResetAccessFailedCount(user.Id); SignInAsync(user, isPersistent, rememberBrowser); return(SignInStatus.Success); } // If the token is incorrect, record the failure which also may cause the user to be locked out UserManager.AccessFailed(user.Id); return(SignInStatus.Failure); }
public ActionResult Reset([Bind(Include = "NewPassword,ConfirmPassword,Key,Token")] ResetViewModel model) { if (!ModelState.IsValid) { return(View(model)); } var user = UserManager.FindById(model.Key); if (user == null) { ModelState.AddModelError("", AuthResources.RequestMailNoUser); return(View(model)); } var result = UserManager.ResetPassword(user.Id, model.Token, model.NewPassword); if (!result.Succeeded) { AddErrors(result); return(View(model)); } SignInLogModel log = new SignInLogModel(); log.ClientIp = GetClientIp(); log.UserModelId = user.Id; log.UserCode = user.UserName; log.SetStatus(2); dbContext.SignInLogModels.Add(log); dbContext.SaveChanges(); UserManager.ResetAccessFailedCount(user.Id); return(View("ResetComplete")); }
public async Task <ActionResult> Login(LoginViewModel details, string returnUrl) { AppUser user = await UserManager.FindAsync(details.Name, details.Password); AppUser currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name); if ((user == null) || (currUser != null && UserManager.IsLockedOut(currUser.Id))) { if (currUser != null) { currUser.LockoutEnabled = true; if (UserManager.IsLockedOut(currUser.Id)) { ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}"); UserManager.ResetAccessFailedCount(currUser.Id); } else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1) { currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1); await UserManager.UpdateAsync(currUser); UserManager.ResetAccessFailedCount(currUser.Id); ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc.Value}"); } else { UserManager.AccessFailed(currUser.Id); ModelState.AddModelError("", $"Некорректный пароль осталось {UserManager.MaxFailedAccessAttemptsBeforeLockout - UserManager.GetAccessFailedCount(currUser.Id)} попытки."); } } else { ModelState.AddModelError("", "Некорректное имя."); } } else { ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie); await UserManager.ResetAccessFailedCountAsync(user.Id); AuthManager.SignOut(); AuthManager.SignIn(new AuthenticationProperties { IsPersistent = true }, ident); AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in"); if (!string.IsNullOrEmpty(returnUrl)) { return(Redirect(returnUrl)); } else { return(RedirectToActionPermanent("Index", "Home")); } } return(View(details)); }
public ActionResult ReactivateUser(int id) { var user = context.Users.Find(id); if (!_userService.CanEditUser(user)) { TempData["Error"] = "You do not have permission to edit this user."; return(RedirectToAction("Index")); } var code = KeyGenerator.GetUniqueKey(128); var email = user.Email; user.IsActive = true; user.ResetCode = code; user.ResetCodeExpiration = DateTime.UtcNow.AddHours(24); _userManager.SetLockoutEndDate(user.Id, DateTimeOffset.UtcNow); _userManager.ResetAccessFailedCount(user.Id); string resetUrl = string.Format("https://" + Request.Url.Host + "/Account/ResetPassword?code={0}&email={1}", code, email); string body = string.Format("Your account \"{1}\" has been reactivated. Please click <a href=\"{0}\">here</a> to reset your password. This link will expire in 24 hours.", resetUrl, user.UserName); _emailService.Send(email, "Water Treatment Account Reactivated", body); _userManager.Update(user); TempData["CreateSuccess"] = string.Format("Successfully reactivated \"{0}\". The user was notified by email.", user.UserName); return(RedirectToAction("Index")); }
/// <summary> /// Sign in the user in using the user name and password /// </summary> /// <param name="userName"></param> /// <param name="password"></param> /// <param name="ipAddress"></param> /// <param name="isPersistent"></param> /// <param name="shouldLockout"></param> /// <returns></returns> public SignInStatus TronixPasswordSignIn(string userName, string password, string[] ipAddress, bool isPersistent = false, bool shouldLockout = false) { var user = UserManager?.FindByName(userName); if (user == null) { return(SignInStatus.Failure); } if (user.Inactive) { return(SignInStatus.Failure); } if (UserManager.IsLockedOut(user.Id)) { return(SignInStatus.LockedOut); } if (UserManager.CheckPassword(user, password)) { UserManager.ResetAccessFailedCount(user.Id); return(SignInOrTwoFactor(user, isPersistent, ipAddress)); } if (!shouldLockout) { return(SignInStatus.Failure); } // If lockout is requested, increment access failed count which might lock out the user UserManager.AccessFailed(user.Id); return(UserManager.IsLockedOut(user.Id) ? SignInStatus.LockedOut : SignInStatus.Failure); }
public void CanResetFailedAttempts() { var user = CreateBasicUser(); user.IncrementLoginFailureCount(); UserManager.Update(user); UserManager.ResetAccessFailedCount(user.Id); user = UserManager.FindById(user.Id); user.FailedLoginAttempts.ShouldBe(0); }
bool ValidLogin(Login login) { UserStore <IdentityUser> userStore = new UserStore <IdentityUser>(); UserManager <IdentityUser> userManager = new UserManager <IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 5 }; var user = userManager.FindByName(login.UserName); if (user == null) { UserNoFound = true; return(false); } // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) { Locked = true; return(false); } // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); PasswordIncorrent = true; if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return(false); } } return(true); }
private User UpdateDTOUser(User paramExpandedUserDTO) { ApplicationUser result = UserManager.FindByName(paramExpandedUserDTO.UserName); // If we could not find the user, throw an exception if (result == null) { ModelState.AddModelError("", "Could not find the User"); return(paramExpandedUserDTO); } result.Email = paramExpandedUserDTO.Email; // Lets check if the account needs to be unlocked if (UserManager.IsLockedOut(result.Id)) { // Unlock user attempts and set lockoutdate back into the past UserManager.ResetAccessFailedCount(result.Id); UserManager.SetLockoutEndDate(result.Id, DateTime.Now); } log.Info("Updating user " + paramExpandedUserDTO.UserName); UserManager.Update(result); // Was a password sent across? if (!string.IsNullOrEmpty(paramExpandedUserDTO.Password)) { // Remove current password var removePassword = UserManager.RemovePassword(result.Id); if (removePassword.Succeeded) { // Add new password var AddPassword = UserManager.AddPassword( result.Id, paramExpandedUserDTO.Password ); log.Info(string.Format("Updated password {0}, errors: {1}", paramExpandedUserDTO.UserName, string.Join(", ", AddPassword.Errors))); foreach (var error in AddPassword.Errors) { ModelState.AddModelError("Password", PasswordValidatorCodes.GetLocalizedMessageForCode(error)); } } } return(paramExpandedUserDTO); }
private ExtendedUserCustom UpdateUser(ExtendedUserCustom extUser) { var result = UserManager.FindByEmail(extUser.Email); //not found if (result == null) { throw new Exception("User not found."); } result.Email = extUser.Email.Trim(); result.FullName = extUser.FullName.Trim(); result.GroupId = extUser.GroupId; result.MonthIntake = extUser.MonthIntake; result.YearIntake = extUser.YearIntake; //is account locked? unlock it if (UserManager.IsLockedOut(result.Id)) { UserManager.ResetAccessFailedCount(result.Id); } UserManager.Update(result); //was a password sent across? if (!string.IsNullOrEmpty(extUser.Password)) { //remove current password var removePassword = UserManager.RemovePassword(result.Id); if (removePassword.Succeeded) { //add new password var AddPassword = UserManager.AddPassword( result.Id, extUser.Password ); if (AddPassword.Errors.Count() > 0) { throw new Exception(AddPassword.Errors.FirstOrDefault()); } } } return(extUser); }
public virtual async Task <AuthenticateResult> AuthenticateLocalAsync(string username, string password, SignInMessage message = null) { if (!userManager.SupportsUserPassword) { return(null); } var user = await FindUserAsync(username); if (user == null) { return(null); } if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(user.Id)) { return(null); } if (await userManager.CheckPasswordAsync(user, password)) { if (userManager.SupportsUserLockout) { userManager.ResetAccessFailedCount(user.Id); } var result = await PostAuthenticateLocalAsync(user, message); if (result != null) { return(result); } var claims = await GetClaimsForAuthenticateResult(user); return(new AuthenticateResult(user.Id.ToString(), await GetDisplayNameForAccountAsync(user.Id), claims)); } else if (userManager.SupportsUserLockout) { await userManager.AccessFailedAsync(user.Id); } return(null); }
//public void DeleteRole(string roleId) //{ // var roleUsers = _db.Users.Where(u => u.Roles.Any(r => r.RoleId == roleId)); // var role = _db.Roles.Find(roleId); // foreach (var user in roleUsers) // { // this.RemoveFromRole(user.Id, role.Name); // } // _db.Roles.Remove(role); // _db.SaveChanges(); //} protected void LogIn(object sender, EventArgs e) { if (IsValid) { // Validate the user password var manager = new UserManager(); ApplicationUser user = manager.Find(UserName.Text, Password.Text); if (user != null) { bool x = manager.IsLockedOut(user.Id); if (x) { usrststr.WriteStat(user.Id, "User is blocked"); FailureText.Text = "User is blocked"; ErrorMessage.Visible = true; } else { manager.ResetAccessFailedCount(user.Id); //IdentityHelper.SignIn(manager, user, RememberMe.Checked); IdentityHelper.SignIn(manager, user, false); // begin statistica usrststr.WriteStat(user.Id, "Login"); // end statistica IdentityHelper.RedirectToReturnUrl(Request.QueryString["ReturnUrl"], Response); } } else { var r = manager.FindByName(UserName.Text); if (r != null) { usrststr.WriteStat(r.Id, "Invalid password."); FailureText.Text = "Invalid password."; ErrorMessage.Visible = true; if (manager.IsLockedOut(r.Id)) { } else { if (manager.IsInRole(r.Id, "Administrator") == true) { } else { var z = manager.SetLockoutEnabled(r.Id, true); manager.AccessFailed(r.Id); } usrststr.WriteStat(r.Id, "Access denied."); } } else { FailureText.Text = "Invalid username."; ErrorMessage.Visible = true; } } } }
bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 3 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) return false; // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } } return true; }
//public IEnumerable<SelectListItem> ReadRoles() //{ // IList<SelectListItem> result = new List<SelectListItem> // { // new SelectListItem // { // Text = RoleType.Company.GetEnumDescription(), // Value = RoleType.Company.ToString() // }, // new SelectListItem // { // Text = RoleType.Supervise.GetEnumDescription(), // Value = RoleType.Supervise.ToString() // }, // new SelectListItem // { // Text = RoleType.Guidance.GetEnumDescription(), // Value = RoleType.Guidance.ToString() // } // }; // return result; //} public bool?Update(UserManager <ApplicationUser> userManager, string key, UserViewModel model) { bool allSuccess = true; var user = userManager.Users.Where(u => u.Id == key).SingleOrDefault(); if (user == null) { return(null); } // Role if (!string.IsNullOrEmpty(model.Role.Value)) { if (!userManager.IsInRole(key, model.Role.Value)) { var roles = userManager.GetRoles(key).ToArray(); IdentityResult result = userManager.RemoveFromRoles(key, roles); if (result.Succeeded) { result = userManager.AddToRole(key, model.Role.Value); } allSuccess &= result.Succeeded; } } // Consultant //if (!string.IsNullOrEmpty(model.Consultant.Value)) //{ // var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault(); // if (customer == null) // return null; // customer.ConsultantId = model.Consultant.Value; // try // { // this.DbContext.SaveChanges(); // } // catch // { // allSuccess = false; // } //} var customer = this.DbContext.Customers.Where(c => c.UserId == key).SingleOrDefault(); if (customer == null) { return(null); } customer.ConsultantId = model.Consultant.Value; try { this.DbContext.SaveChanges(); } catch { allSuccess = false; } // LockedOut if (userManager.IsLockedOut(key) != model.LockedOut) { IdentityResult result; if (model.LockedOut) { result = userManager.SetLockoutEnabled(key, true); if (result.Succeeded) { result = userManager.SetLockoutEndDate(key, DateTimeOffset.MaxValue); } } else { result = userManager.SetLockoutEnabled(key, false); if (result.Succeeded) { result = userManager.ResetAccessFailedCount(key); } } allSuccess &= result.Succeeded; } return(allSuccess); }
bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 3 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) { return false; } // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } CaptchaHelper captchaHelper = new CaptchaHelper(); string captchaResponse = captchaHelper.CheckRecaptcha(); if (captchaResponse != "Valid") { ViewBag.ErrorResponse = "The captcha must be valid"; } } return true; }
protected void BtnIniciar_Click1(object sender, EventArgs e) { var userStore = new UserStore<IdentityUser>(); var userManager = new UserManager<IdentityUser>(userStore); //var user = userManager.Find(UserName.Text, Password.Text); var user = userManager.FindByName(UserName.Text); if (user != null) { var validCredentials = userManager.Find(UserName.Text, Password.Text); if (userManager.IsLockedOut(user.Id)) { ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString())); StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); } else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null) { userManager.AccessFailed(user.Id); string message; if (userManager.IsLockedOut(user.Id)) { message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); StatusText.Text = message; } else { int accessFailedCount = userManager.GetAccessFailedCount(user.Id); int attemptsLeft = Convert.ToInt32( ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) - accessFailedCount; message = string.Format( "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft); StatusText.Text = message; } ModelState.AddModelError("", message); } else if (validCredentials == null) { ModelState.AddModelError("", "Invalid credentials. Please try again."); StatusText.Text = "Invalid credentials. Please try again."; } else { var authenticationManager = HttpContext.Current.GetOwinContext().Authentication; var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie); authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity); userManager.ResetAccessFailedCount(user.Id); string vig = DateTime.Now.Year.ToString(); SetCookieUser(UserName.Text, vig); string url = Request.QueryString["ReturnUrl"]; if (url == "" || url == null) { gesMenuAdapter mg = new gesMenuAdapter(); List<dataTree> l = mg.getOpciones("INICI", UserName.Text); if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null) { SetCookieRol("administrador"); url = "/Inicio/Administrativo/Inicio.aspx"; } else { if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null) { SetCookieRol("acudiente"); url = "/Inicio/Acudientes/Inicio.aspx"; } } } IdentityHelper.RedirectToReturnUrl(url, Response); } } else { StatusText.Text = "Invalid username or password."; } }