private void UpdateInvalidLoginAttemptCount(User user, int newValue) { if (user.Policy.InvalidLoginAttemptCount != newValue || newValue > 0) { user.Policy.InvalidLoginAttemptCount = newValue; var maxCount = user.Policy.IsAdministrator ? 3 : 5; var fireLockout = false; if (newValue >= maxCount) { //_logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue.ToString(CultureInfo.InvariantCulture)); //user.Policy.IsDisabled = true; //fireLockout = true; } UpdateUserPolicy(user, user.Policy, false); if (fireLockout) { UserLockedOut?.Invoke(this, new GenericEventArgs <User>(user)); } } }
private void IncrementInvalidLoginAttemptCount(User user) { int invalidLogins = ++user.Policy.InvalidLoginAttemptCount; int maxInvalidLogins = user.Policy.LoginAttemptsBeforeLockout; if (maxInvalidLogins > 0 && invalidLogins >= maxInvalidLogins) { user.Policy.IsDisabled = true; UserLockedOut?.Invoke(this, new GenericEventArgs <User>(user)); _logger.LogWarning( "Disabling user {UserName} due to {Attempts} unsuccessful login attempts.", user.Name, invalidLogins); } UpdateUserPolicy(user, user.Policy, false); }
private void UpdateInvalidLoginAttemptCount(User user, int newValue) { if (user.Policy.InvalidLoginAttemptCount == newValue || newValue <= 0) { return; } user.Policy.InvalidLoginAttemptCount = newValue; // Check for users without a value here and then fill in the default value // also protect from an always lockout if misconfigured if (user.Policy.LoginAttemptsBeforeLockout == null || user.Policy.LoginAttemptsBeforeLockout == 0) { user.Policy.LoginAttemptsBeforeLockout = user.Policy.IsAdministrator ? 5 : 3; } var maxCount = user.Policy.LoginAttemptsBeforeLockout; var fireLockout = false; // -1 can be used to specify no lockout value if (maxCount != -1 && newValue >= maxCount) { _logger.LogDebug("Disabling user {0} due to {1} unsuccessful login attempts.", user.Name, newValue); user.Policy.IsDisabled = true; fireLockout = true; } UpdateUserPolicy(user, user.Policy, false); if (fireLockout) { UserLockedOut?.Invoke(this, new GenericEventArgs <User>(user)); } }