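        /// <summary>
        /// Handles the login form POST: checks the anti-forgery token, enforces the account lock
        /// and the concurrent-user limit, signs the user in and redirects.
        /// </summary>
        /// <param name="model">Submitted username and password.</param>
        /// <param name="returnUrl">
        /// Optional post-login destination. It is only honoured (directly, or forwarded to
        /// ChangePassword) when <see cref="IsLocalUrl"/> accepts it; otherwise the user lands on Home/Index.
        /// </param>
        /// <returns>A redirect on success; otherwise the login view with a ModelState error.</returns>
        public ActionResult Login(LoginIndex model, string returnUrl)
        {
            try
            {
                AntiForgery.Validate();
            }
            catch (Exception ex)
            {
                // A failed token check is logged and reported as an expired session rather than
                // rethrown, so the user gets the form back with a message instead of an error page.
                ex.Log();

                ModelState.AddModelError(string.Empty, Words.Login_SessionExpired);
            }

            if (!ModelState.IsValid)
            {
                return(View());
            }

            AuthLogin login = new AuthLogin();

            // Runs on every valid login POST, before any credential check.
            login.DeactivateTemporaryUsers();

            // NOTE(review): the lock state is reported before the password is verified, and with a
            // message distinct from Login_InvalidPassword, so an unauthenticated caller can tell a
            // locked account from an unknown one. Consider one generic message if enumeration matters.
            if (login.IsUserLocked(model.Username))
            {
                ModelState.AddModelError(string.Empty, Words.Login_AccountLocked);

                return(View());
            }

            if (!login.ValidateUser(model.Username, model.Password))
            {
                // Only existing accounts accumulate failed attempts toward a lock; the
                // response to the caller is the same either way.
                if (login.UserExists(model.Username))
                {
                    login.SaveWrongAccessAttempt(model.Username);
                }

                Audit.Save(new Audit()
                {
                    Action = AuditTypeEnum.UserInvalidLogin, UserName = model.Username, Data = login.GetAuditData(false)
                });
                ModelState.AddModelError(string.Empty, Words.Login_InvalidPassword);

                return(View());
            }

            // presumably non-null after a successful ValidateUser — verify against Users.GetByUsername
            var user = Users.GetByUsername(model.Username);

            login.CleanUserLocks(model.Username);
            login.CleanUnusedSessions(user.ID);

            // Zero means "no limit". Unused sessions were cleaned just above, so the count
            // reflects live sessions only.
            if (ConfigBase.Settings.MaxConcurrentUsers != 0)
            {
                int totalLoggedUsers = login.GetTotalLoggedUsers();

                if (ConfigBase.Settings.MaxConcurrentUsers <= totalLoggedUsers)
                {
                    ModelState.AddModelError(string.Empty, Words.Login_LimitExceeded);

                    Audit.Save(new Audit()
                    {
                        Action = AuditTypeEnum.UserLoginMaxConcurrentReached, UserName = model.Username, Data = login.GetAuditData(false)
                    });

                    return(View());
                }
            }

            if (!login.DoLogin(model.Username))
            {
                // NOTE(review): a failed DoLogin re-displays the form with no error message and no
                // audit entry, indistinguishable from a fresh GET. Worth surfacing once a suitable
                // message key exists.
                return(View());
            }

            Audit.Save(new Audit()
            {
                Action = AuditTypeEnum.Login, UserName = model.Username, Data = login.GetAuditData(true)
            });

            // The same local-URL check gates both destinations. Previously only the direct redirect
            // was checked; the change-password branch forwarded any non-blank returnUrl to
            // ChangePassword unvalidated, so a crafted link could carry an external URL through.
            bool hasSafeReturnUrl = !string.IsNullOrWhiteSpace(returnUrl) && IsLocalUrl(returnUrl);

            if (login.ChangePassword)
            {
                if (hasSafeReturnUrl)
                {
                    return(Redirect(Url.Action("ChangePassword", "Auth", new { returnUrl = returnUrl })));
                }

                return(Redirect(Url.Action("ChangePassword", "Auth")));
            }

            if (hasSafeReturnUrl)
            {
                return(Redirect(returnUrl));
            }

            return(Redirect(Url.Action("Index", "Home")));
        }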
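        /// <summary>
        /// Verifies a username/password pair for the legacy Odiss integration.
        /// </summary>
        /// <remarks>
        /// Mirrors the lock handling of <see cref="Login"/>: a locked account never authenticates,
        /// and a wrong password on an existing account counts toward its lock. The previous
        /// version called <c>ValidateUser</c> alone, which let this path sidestep the lockout that
        /// <see cref="Login"/> enforces. This method does not sign the user in (no <c>DoLogin</c>),
        /// does not clear existing locks on success and writes no audit record.
        /// NOTE(review): if the legacy caller already enforces lockout itself, the attempt
        /// recording here double-counts — confirm against that caller.
        /// </remarks>
        /// <param name="username">Account name to check.</param>
        /// <param name="password">Password supplied by the caller.</param>
        /// <returns><c>true</c> only when the account is not locked and the credentials validate.</returns>
        public bool IsAuthenticatingInLegacyOdiss(string username, string password)
        {
            AuthLogin login = new AuthLogin();

            if (login.IsUserLocked(username))
            {
                return(false);
            }

            if (login.ValidateUser(username, password))
            {
                return(true);
            }

            // Same rule as Login: only real accounts accumulate failed attempts.
            if (login.UserExists(username))
            {
                login.SaveWrongAccessAttempt(username);
            }

            return(false);
        }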