private static void AddUserLog(ValidateUserLoginResult result, string username, string password, string enteredCaptcha, string serverSideCaptcha, string ip, string userAgent, string surferID) { int userID = 0; password = ("").PadLeft(password.Length, '*'); string action = ""; if (result.LoginResult == Constants.Enumerators.LoginResult.UsernameInvalid) action = string.Format("LOGIN FAILURE - USERNAME INVALID (U: {0}; P: {1})", username, password); else if (result.LoginResult == Constants.Enumerators.LoginResult.NotApproved) action = string.Format("LOGIN FAILURE - NOT APPROVED"); else if (result.LoginResult == Constants.Enumerators.LoginResult.LockedOut) action = string.Format("LOGIN FAILURE - LOCKED OUT"); else if (result.LoginResult == Constants.Enumerators.LoginResult.PasswordInvalid) action = string.Format("LOGIN FAILURE (P: {0})", password); else if (result.LoginResult == Constants.Enumerators.LoginResult.CaptchaInvalid) action = string.Format("LOGIN FAILURE - CAPTCHA INVALID (P: {0}; IN: {1}; EX: {2})", password, enteredCaptcha, serverSideCaptcha); else if (result.LoginResult == Constants.Enumerators.LoginResult.Success) action = "LOGIN SUCCESS"; else action = string.Format("LOGIN FAILURE - UNKNOWN ERROR (P: {0})", password); int userLogID = UserLogService.AddUserLog(result.AspnetUserID, userID, action, ip, userAgent, surferID); }
public static ValidateUserLoginResult ValidateUserLogin(string userMembershipProviderName, string username, string password, string enteredCaptcha, string serverSideCaptcha, string ip, string userAgent, string surferID) { ValidateUserLoginResult result = new ValidateUserLoginResult(); if (!Helpers.IsValidEmail(username)) { User user = UserService.GetUserByUsername(username); if (user.UserID == 0) result.LoginResult = Constants.Enumerators.LoginResult.UsernameInvalid; else username = user.Email; } if (result.LoginResult != Constants.Enumerators.LoginResult.UsernameInvalid) { // Get user by username MembershipUser mu = Membership.Providers[userMembershipProviderName].GetUser(username, true); if (mu != null) { result.AspnetUserID = (Guid)mu.ProviderUserKey; result.Username = username; } if (mu == null) { // Invalid username result.LoginResult = Constants.Enumerators.LoginResult.UsernameInvalid; } else if (!mu.IsApproved) { // User is not approved result.LoginResult = Constants.Enumerators.LoginResult.NotApproved; } else if (mu.IsLockedOut) { // User is locked out result.LoginResult = Constants.Enumerators.LoginResult.LockedOut; } else { // Check username and password and update failed attempts counts, etc. if (!Membership.Providers[userMembershipProviderName].ValidateUser(username, password)) result.LoginResult = Constants.Enumerators.LoginResult.PasswordInvalid; else result.LoginResult = Constants.Enumerators.LoginResult.Success; } } AddUserLog(result, username, password, enteredCaptcha, serverSideCaptcha, ip, userAgent, surferID); return result; }