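/// <summary>
/// Looks up the enabled, approved and email-verified user named <paramref name="userName"/> and verifies
/// <paramref name="password"/> against the stored hash and salt. A correct password resets the user's
/// failed-logon counter; an incorrect one increments it and records a "Failed Logon attempt" user log entry.
/// When the <c>AccountManagementCheckFailedLogonAttemptCount</c> setting is enabled and the counter has reached
/// <c>AccountManagementMaximumFailedLogonAttemptCount</c>, the password is not verified at all, so the account
/// is effectively locked until the counter is reset elsewhere.
/// </summary>
/// <param name="userName">The user name to look up.</param>
/// <param name="password">The clear-text password to verify.</param>
/// <returns>
/// A <see cref="LogonResult"/> with <c>Success</c> and <c>UserName</c> set on a successful logon. On a wrong
/// password <c>FailedLogonAttemptCount</c> carries the updated counter. An unknown, disabled, unapproved or
/// unverified user, or a locked-out user, yields a default (unsuccessful) result.
/// </returns>
/// <exception cref="InvalidOperationException">
/// One of the two lockout app settings is missing or blank (previously this surfaced as a
/// <see cref="NullReferenceException"/> from <c>AppSettings[...].ToString()</c>).
/// </exception>
/// <exception cref="FormatException">A lockout app setting or a stored hash/salt is not in the expected format.</exception>
public async Task<LogonResult> FindAndCheckLogonAsync(string userName, string password)
{
    var logonResult = new LogonResult();

    var user = await this.dbContext.User
        .SingleOrDefaultAsync(u => u.UserName == userName && u.Enabled && u.Approved && u.EmailVerified)
        .ConfigureAwait(false);

    if (user == null)
    {
        // NOTE(review): no hash work happens on this path, so an unknown user name answers faster than a
        // wrong password for a known one; callers concerned about user enumeration may want to equalise this.
        return logonResult;
    }

    // Constructed before the lockout check, as in the original, so the per-user cost is the same whether or
    // not the account is locked (assuming the constructor does the hash work — verify against SecuredPassword).
    var securedPassword = new SecuredPassword(
        Convert.FromBase64String(user.PasswordHash),
        Convert.FromBase64String(user.Salt));

    // Fail loudly on a missing setting rather than silently disabling the lockout.
    bool checkFailedLogonAttemptCount = Convert.ToBoolean(RequireAppSetting("AccountManagementCheckFailedLogonAttemptCount"));
    int maximumFailedLogonAttemptCount = Convert.ToInt32(RequireAppSetting("AccountManagementMaximumFailedLogonAttemptCount"));

    bool lockedOut = checkFailedLogonAttemptCount
        && user.FailedLogonAttemptCount >= maximumFailedLogonAttemptCount;
    if (lockedOut)
    {
        // Matches existing behaviour: while locked out the password is not checked, the counter is not
        // touched and no log entry is written, so the caller sees a plain failed logon.
        return logonResult;
    }

    if (securedPassword.Verify(password))
    {
        user.FailedLogonAttemptCount = 0;
        await this.dbContext.SaveChangesAsync().ConfigureAwait(false);

        logonResult.Success = true;
        logonResult.UserName = user.UserName;
        return logonResult;
    }

    user.FailedLogonAttemptCount += 1;
    logonResult.FailedLogonAttemptCount = user.FailedLogonAttemptCount;
    user.UserLogs.Add(new UserLog { Description = "Failed Logon attempt" });
    await this.dbContext.SaveChangesAsync().ConfigureAwait(false);

    return logonResult;
}

/// <summary>
/// Returns the app setting stored under <paramref name="key"/>, throwing when it is absent or blank so that a
/// mis-configured lockout policy is reported by name instead of as a <see cref="NullReferenceException"/>.
/// </summary>
/// <param name="key">The <c>appSettings</c> key to read.</param>
/// <returns>The raw setting value.</returns>
/// <exception cref="InvalidOperationException">The setting is missing or whitespace.</exception>
private static string RequireAppSetting(string key)
{
    string value = ConfigurationManager.AppSettings[key];
    if (string.IsNullOrWhiteSpace(value))
    {
        throw new InvalidOperationException("Required app setting '" + key + "' is missing or empty.");
    }

    return value;
}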
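/// <summary>
/// Looks up the enabled, approved and email-verified user named <paramref name="userName"/> and verifies
/// <paramref name="password"/> against the stored hash, salt and hash strategy. A correct password resets the
/// user's failed-logon counter and flags whether the password has expired; an incorrect one increments the
/// counter and records a "Failed Logon attempt" user log entry. When
/// <c>AccountManagementCheckFailedLogonAttempts</c> is enabled and the counter has reached
/// <c>AccountManagementMaximumFailedLogonAttempts</c>, the password is not checked and the account is
/// effectively locked until the counter is reset elsewhere. When no matching user exists at all, the name is
/// compared against the commonly-used user name list so the caller can treat the attempt as suspicious.
/// </summary>
/// <param name="userName">The user name to look up.</param>
/// <param name="password">The clear-text password to verify.</param>
/// <returns>
/// A <see cref="LogonResult"/> with <c>Success</c>, <c>UserName</c> and <c>MustChangePassword</c> set on a
/// successful logon; <c>FailedLogonAttemptCount</c> set after a wrong password; <c>IsCommonUserName</c> set when
/// the name does not exist and is in the commonly-used list. Disabled, unapproved, unverified or locked-out
/// users yield a default (unsuccessful) result.
/// </returns>
/// <exception cref="FormatException">The stored hash or salt is not valid Base64.</exception>
public async Task<LogonResult> TryLogOnAsync(string userName, string password)
{
    var logonResult = new LogonResult();

    var user = await _context.User
        .SingleOrDefaultAsync(u => u.UserName == userName && u.Enabled && u.Approved && u.EmailVerified)
        .ConfigureAwait(false);

    if (user == null)
    {
        // Distinguish "no such account" from "account exists but is disabled/unapproved/unverified": only a
        // name that is absent altogether is compared against the commonly-used list.
        var existingUser = await _context.User
            .SingleOrDefaultAsync(u => u.UserName == userName)
            .ConfigureAwait(false);

        if (existingUser == null && _commonlyUsedUserNames.Contains(userName))
        {
            logonResult.IsCommonUserName = true;
        }

        // NOTE(review): no hash work happens on this path, so an unknown name answers faster than a wrong
        // password for a known one; callers concerned about user enumeration may want to equalise this.
        return logonResult;
    }

    // Constructed before the lockout check, as in the original, so the per-user cost is the same whether or
    // not the account is locked (assuming the constructor does the hash work — verify against SecuredPassword).
    var securePassword = new SecuredPassword(
        password,
        Convert.FromBase64String(user.PasswordHash),
        Convert.FromBase64String(user.PasswordSalt),
        user.HashStrategy);

    bool lockedOut = _configuration.AccountManagementCheckFailedLogonAttempts
        && user.FailedLogonAttemptCount >= _configuration.AccountManagementMaximumFailedLogonAttempts;
    if (lockedOut)
    {
        // Matches existing behaviour: while locked out the counter is not touched and no log entry is
        // written, so the caller sees a plain failed logon.
        return logonResult;
    }

    if (securePassword.IsValid)
    {
        user.FailedLogonAttemptCount = 0;
        await _context.SaveChangesAsync().ConfigureAwait(false);

        // Expiry is only evaluated on a successful logon: an expired password still logs on but is flagged
        // so the caller can force a change.
        logonResult.MustChangePassword = user.PasswordExpiryDateUtc.HasValue
            && user.PasswordExpiryDateUtc.Value < DateTime.UtcNow;
        logonResult.Success = true;
        logonResult.UserName = user.UserName;
        return logonResult;
    }

    user.FailedLogonAttemptCount += 1;
    logonResult.FailedLogonAttemptCount = user.FailedLogonAttemptCount;
    user.UserLogs.Add(new UserLog { Description = "Failed Logon attempt" });
    await _context.SaveChangesAsync().ConfigureAwait(false);

    return logonResult;
}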