예제 #1
 /// <summary>
 /// Writes a successful login attempt to the security audit store.
 /// </summary>
 /// <param name="login">The posted login; only <c>Name</c> and <c>LocationId</c> are recorded.</param>
 /// <param name="ipAddress">Client address the attempt came from, stored verbatim.</param>
 /// <param name="message">Optional annotation (e.g. a role downgrade); an empty string is stored as <c>null</c>.</param>
 public void RecordSuccessfulLoginAttempt(LoginModel login, string ipAddress, string message = null)
 {
     // Normalise "" to null so the stored Reason is either absent or meaningful.
     string reason = string.IsNullOrEmpty(message) ? null : message;

     var entry = new LoginAttemptLog
     {
         UserName = login.Name,
         IpAddress = ipAddress,
         Location = new Location(login.LocationId),
         // NOTE(review): server-local time, not UTC — audit entries from servers in
         // different zones will not line up; confirm before correlating.
         LoginDate = DateTime.Now,
         ResultFlag = true,
         Reason = reason
     };

     SecurityRepository.InsertLoginAttempt(entry);
 }
예제 #2
 /// <summary>
 /// Writes a failed login attempt to the security audit store.
 /// </summary>
 /// <param name="login">The posted login; only <c>Name</c> and <c>LocationId</c> are recorded.</param>
 /// <param name="ipAddress">Client address the attempt came from, stored verbatim.</param>
 /// <param name="reason">Why the attempt was rejected; stored as given (no normalisation).</param>
 public void RecordFailedLoginAttempt(LoginModel login, string ipAddress, string reason)
 {
     var entry = new LoginAttemptLog
     {
         UserName = login.Name,
         IpAddress = ipAddress,
         Location = new Location(login.LocationId),
         // NOTE(review): server-local time, not UTC — confirm before correlating
         // entries across hosts.
         LoginDate = DateTime.Now,
         ResultFlag = false,
         Reason = reason
     };

     SecurityRepository.InsertLoginAttempt(entry);
 }
예제 #3
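        /// <summary>
        /// Validates a posted login, records the outcome in the security audit log and,
        /// on success, issues the authentication cookie and redirects the user.
        /// </summary>
        /// <param name="login">Posted credentials plus location, return URL and role-downgrade option.</param>
        /// <returns>
        /// A redirect on successful login; otherwise the login view re-rendered with
        /// model-state errors (including a generic server error if an exception was thrown).
        /// </returns>
        public ActionResult ValidateLogin(LoginModel login)
        {
            try
            {
                if (ModelState.IsValid)
                {
                    var user = SecurityServices.ValidateUser(login.Name, login.Password);
                    if (user == null)
                    {
                        // Only the attempted user name goes into the audit record. The
                        // submitted password is deliberately NOT logged: failed attempts
                        // are frequently near-misses of the real password, and the audit
                        // store has far weaker protection than the credential store.
                        SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, string.Format("Invalid credentials: {0}", login.Name));
                        ModelState.AddModelError(String.Empty, "The login name or password is invalid.");
                    }
                    if (user != null && !user.CanLogin)
                    {
                        SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, "User login disabled");
                        ModelState.AddModelError(String.Empty, "Access denied.");
                    }
                    if (user != null && !IsIpValid(user.RoleName, login.LocationId))
                    {
                        SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, "Invalid IP address");
                        ModelState.AddModelError(String.Empty, "Access denied.");
                    }

                    // ModelState.IsValid is re-checked here: any of the branches above
                    // added an error, so reaching this block implies user != null.
                    if (ModelState.IsValid)
                    {
                        if (login.DowngradeRole)
                        {
                            // Caller opted to run with reduced privileges for this session.
                            user.RoleName = "Employee";
                            SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress, "Downgraded to Employee role");
                        }
                        else if (user.RoleName == "Manager" && login.LocationId != user.LocationId)
                        {
                            // A manager logging in away from their home location only
                            // gets Employee rights; the downgrade is recorded in the audit log.
                            user.RoleName = "Employee";
                            SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress, "Manager downgraded to Employee role");
                        }
                        else
                        {
                            SecurityServices.RecordSuccessfulLoginAttempt(login, HttpContext.Request.UserHostAddress);
                        }

                        // The token carries the (possibly downgraded) role, so it must be
                        // created after the role adjustments above.
                        var token = CreateToken(user.Id, user.RoleName, login.LocationId);
                        var auth = TokenSerializer.GetCookieFromToken(token);
                        if (HttpContext.Request.IsLocal) //local development overrides
                        {
                            // Only relaxed for requests originating on the server itself
                            // (plain-HTTP local dev); production cookies keep Domain + Secure.
                            auth.Domain = null;
                            auth.Secure = false;
                        }
                        HttpContext.Response.Cookies.Add(auth);

                        // IsLocalUrl guards against open redirects; the redirect is
                        // additionally restricted to administrators.
                        if (Url.IsLocalUrl(login.ReturnUrl) && user.RoleName == "Administrator")
                        {
                            return Redirect(login.ReturnUrl);
                        }
                        return RedirectToAction("Index", "ShopFloor");
                    }
                }
                else
                {
                    SecurityServices.RecordFailedLoginAttempt(login, HttpContext.Request.UserHostAddress, string.Format("Invalid model state: {0}", ModelState.ToString()));
                }
            }
            catch (Exception ex)
            {
                // Full exception detail stays in the server log; the user only sees a generic error.
                Logger.Error(ex.ToString());
                ModelState.AddModelError(String.Empty, Constants.ServerError);
            }

            // Invalid - redisplay with errors
            ViewBag.Locations = LocationServices.GetLocationLookup();
            return View("Index", login);
        }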
예제 #4
 //TODO: exclude from token validation
 /// <summary>
 /// Renders the login form, carrying the requested return URL through to the posted model.
 /// </summary>
 /// <param name="returnUrl">Where to send the user after login; passed through unvalidated here.</param>
 /// <returns>The default view bound to an empty <see cref="LoginModel"/>, with location lookups in the ViewBag.</returns>
 public ActionResult Index(string returnUrl)
 {
     ViewBag.Locations = LocationServices.GetLocationLookup();

     var model = new LoginModel
     {
         ReturnUrl = returnUrl
     };
     return View(model);
 }