        /// <summary>
        /// One recorded login failure, once the user is persisted through
        /// <c>UserManager.Update</c>, must be reported back by
        /// <c>UserManager.GetAccessFailedCount</c> as exactly 1.
        /// </summary>
        public void CanGetFailedAttempts()
        {
            var account = CreateBasicUser();
            account.IncrementLoginFailureCount();
            UserManager.Update(account);

            var failures = UserManager.GetAccessFailedCount(account.Id);
            failures.ShouldBe(1);
        }
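        /// <summary>
        /// Handles the login form: validates the model, attempts a password sign-in with
        /// lockout counting enabled, and on success records the shop in which the user holds
        /// an operational role before redirecting.
        /// </summary>
        /// <param name="model">Posted e-mail, password and "remember me" flag.</param>
        /// <param name="returnUrl">
        /// Post-login destination, handed to <c>RedirectToLocal</c> (which is expected to
        /// reject off-site URLs — confirm in that helper).
        /// </param>
        /// <returns>The login view with model errors, or a redirect on success.</returns>
        public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return(View(model));
            }

            // shouldLockout: true makes every failed attempt count towards lockout.
            var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : true);

            // Null when the e-mail is unknown; every branch below must tolerate that.
            var user = UserManager.FindByEmail(model.Email);

            if (result == SignInStatus.Success)
            {
                if (user != null)
                {
                    // Pick the first shop in which the user has one of the allowed roles.
                    var roles = RoleStore.GetRoles(user.Id);
                    foreach (var r in roles)
                    {
                        var userRole = await RoleStore.FindByIdAsync(r.RoleId);
                        if (userRole == null)
                        {
                            continue; // dangling RoleId: skip instead of dereferencing null
                        }

                        if (userRole.Name == "Admin" || userRole.Name == "Manager" ||
                            userRole.Name == "Cashier" || userRole.Name == "Chef")
                        {
                            this.SetShopId(r.ShopID);
                            break;
                        }
                    }
                }
                return(RedirectToLocal(returnUrl));
            }

            if (result == SignInStatus.LockedOut && user != null)
            {
                var time        = await UserManager.GetLockoutEndDateAsync(user.Id);
                var secondsLeft = (int)(time - DateTimeOffset.Now).TotalSeconds;

                ModelState.AddModelError("", String.Format("Bạn phải chờ {0}s, mới được login lại", secondsLeft));
                return(View(model));
            }

            // Failure, or any other status: report without confirming whether the e-mail
            // exists. The former "<email> Không tồn tại" text let a caller enumerate accounts.
            if (user == null)
            {
                ModelState.AddModelError("", "Đăng nhập thất bại");
            }
            else
            {
                // The per-account counter still distinguishes known accounts; dropping it
                // would close that gap at the cost of the "attempts used" hint.
                var count = UserManager.GetAccessFailedCount(user.Id);
                ModelState.AddModelError("", String.Format("Đăng nhập thất bại {0} lần", count));
            }
            return(View(model));
        }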
        /// <summary>
        /// A single <c>AccessFailed</c> call against a fresh user (limit set to 5) must
        /// succeed and leave the failed-access counter at 1.
        /// </summary>
        public void CanIncrementFailedAttempts()
        {
            UserManager.MaxFailedAccessAttemptsBeforeLockout = 5;
            var account = CreateBasicUser();

            var outcome = UserManager.AccessFailed(account.Id);
            var failures = UserManager.GetAccessFailedCount(account.Id);

            outcome.Succeeded.ShouldBe(true);
            failures.ShouldBe(1);
        }
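        /// <summary>
        /// Signs in a registered user by e-mail and password through the Identity
        /// <c>SignInManager</c>, replacing the application cookie on success.
        /// </summary>
        /// <param name="userModel">Credentials; <c>UserName</c> is looked up as an e-mail address.</param>
        /// <param name="isPersistent">Whether the authentication cookie outlives the browser session.</param>
        /// <returns>
        /// An <see cref="AuthenticationServiceResponse"/> whose <c>Success</c> is true only
        /// when the password was accepted; <c>Type</c> then carries the user's first role.
        /// </returns>
        public AuthenticationServiceResponse SignInUser(UserModel userModel, bool isPersistent = false)
        {
            var user = UserManager.FindByEmail(userModel.UserName);
            if (user == null)
            {
                return(new AuthenticationServiceResponse()
                {
                    Success = false, Message = UserLoginConstants.EMAIL_NOT_FOUND
                });
            }

            // Lockout counting applies only when both the account and the manager default
            // enable it (same outcome as the original conditional, written directly).
            bool shouldLockout = user.LockoutEnabled && UserManager.UserLockoutEnabledByDefault;
            SignInStatus signStatus = SignInManager.PasswordSignIn(userModel.UserName, userModel.Password, false, shouldLockout);

            // Every status other than Success (Failure, LockedOut, RequiresVerification) is a
            // failed login. The previous version fell through to a Success = true response
            // once more than half of the allowed attempts had been used up.
            if (signStatus != SignInStatus.Success)
            {
                return(new AuthenticationServiceResponse()
                {
                    Success = false, Message = UserLoginConstants.INVALID_LOGIN
                });
            }

            // First role only, e.g. BusinessUser / User / Admin; null when the user has none.
            var role = UserManager.GetRoles(user.Id).FirstOrDefault();

            SignInManager.AuthenticationManager.SignOut(DefaultAuthenticationTypes.ApplicationCookie);
            // .Result because the public signature is synchronous; blocking on a task can
            // deadlock under a synchronization context — an async overload would be safer.
            var identity = user.GenerateUserIdentityAsync(UserManager, true).Result;
            SignInManager.AuthenticationManager.SignIn(new AuthenticationProperties()
            {
                IsPersistent = isPersistent
            }, identity);

            return(new AuthenticationServiceResponse()
            {
                Success = true, Type = role, Message = "Login Successfully"
            });
        }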
        /// <summary>
        /// Three consecutive access failures against a user created with lockout enabled
        /// (limit 3, 10-minute window) must lock the account, the counter advancing by one
        /// per failure.
        /// </summary>
        public void LockoutAccount()
        {
            var store   = new UserStore <ApplicationUser>(this._session);
            var manager = new UserManager <ApplicationUser>(store)
            {
                MaxFailedAccessAttemptsBeforeLockout = 3,
                UserLockoutEnabledByDefault          = true,
                DefaultAccountLockoutTimeSpan        = TimeSpan.FromMinutes(10)
            };
            // NOTE(review): the created UserName and the one passed to Find differ as shown
            // here; confirm they refer to the same account.
            manager.Create(new ApplicationUser() { UserName = "******", LockoutEnabled = true }, "Welcome");
            var account = manager.Find("test", "Welcome");

            for (int expected = 0; expected < 3; expected++)
            {
                Assert.AreEqual(expected, manager.GetAccessFailedCount(account.Id));
                manager.AccessFailed(account.Id);
            }
            Assert.IsTrue(manager.IsLockedOut(account.Id));
        }
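        /// <summary>
        /// Checks <paramref name="login"/> against the identity store with lockout: a locked
        /// account is rejected before the password is examined, a correct password clears
        /// the failure counter, a wrong one increments it.
        /// Sets <c>UserNoFound</c>, <c>Locked</c> or <c>PasswordIncorrent</c> on the failing path.
        /// </summary>
        /// <param name="login">Submitted user name and password.</param>
        /// <returns>true only when the password is correct and the e-mail is confirmed.</returns>
        bool ValidLogin(Login login)
        {
            // Manager and store own a context; dispose them with the call (the manager
            // disposes the store it was given).
            using (var userManager = new UserManager <IdentityUser>(new UserStore <IdentityUser>())
            {
                UserLockoutEnabledByDefault          = true,
                DefaultAccountLockoutTimeSpan        = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 5
            })
            {
                var user = userManager.FindByName(login.UserName);
                if (user == null)
                {
                    UserNoFound = true;
                    return(false);
                }

                if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                {
                    Locked = true;
                    return(false);
                }

                if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id))
                {
                    // A good login clears any earlier failures.
                    if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }
                    return(true);
                }

                // Wrong password (or unconfirmed e-mail — the two are not told apart here):
                // count the failure where lockout applies and reject either way. Previously a
                // user with lockout disabled fell through to "return true" on a wrong password.
                PasswordIncorrent = true;
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                }
                return(false);
            }
        }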
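        /// <summary>
        /// Signs in a registered user by e-mail and password and issues an identity of the
        /// requested authentication type.
        /// </summary>
        /// <param name="model">Credentials; <c>UserName</c> is looked up as an e-mail address.</param>
        /// <param name="authenticationType">OWIN authentication type used for sign-out and the new identity.</param>
        /// <param name="isPersistent">Whether the authentication cookie outlives the browser session.</param>
        /// <returns>
        /// An <see cref="AuthenticationServiceResponse"/>; <c>identity</c> is populated only
        /// when <c>Success</c> is true.
        /// </returns>
        public AuthenticationServiceResponse SignInUser(LoginModel model, string authenticationType, bool isPersistent = false)
        {
            var user = UserManager.FindByEmail(model.UserName);
            if (user == null)
            {
                // The original return statement here lacked its terminating ';'.
                return(new AuthenticationServiceResponse()
                {
                    Success = false, Message = UserLoginConstants.EMAIL_NOT_FOUND
                });
            }

            // Lockout counting applies only when both the account and the manager default
            // enable it (same outcome as the original conditional, written directly).
            bool shouldLockout = user.LockoutEnabled && UserManager.UserLockoutEnabledByDefault;
            // .Result because the public signature is synchronous; blocking on a task can
            // deadlock under a synchronization context — an async overload would be safer.
            var signStatus = SignInManager.PasswordSignInAsync(model.UserName, model.Password, false, shouldLockout).Result;

            // Every status other than Success is a failed login. The previous version fell
            // through to a Success = true response (with an empty identity) once more than
            // half of the allowed attempts had been used up.
            if (signStatus != SignInStatus.Success)
            {
                return(new AuthenticationServiceResponse()
                {
                    Success = false, Message = UserLoginConstants.INVALID_LOGIN
                });
            }

            var claimsIdentity = user.GenerateUserIdentityAsync(UserManager, authenticationType, true).Result;
            SignInManager.AuthenticationManager.SignOut(authenticationType);
            SignInManager.AuthenticationManager.SignIn(new AuthenticationProperties()
            {
                IsPersistent = isPersistent
            }, claimsIdentity);

            return(new AuthenticationServiceResponse()
            {
                Success = true, Message = "Login Successfully", identity = claimsIdentity
            });
        }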
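        /// <summary>
        /// Login action with an application-side lockout policy: each failed attempt for a
        /// known account is counted, the account is locked for one minute once the limit is
        /// reached, and a successful login resets the counter and restores the basket and
        /// wish-list cookies before redirecting.
        /// </summary>
        /// <param name="details">Submitted name and password.</param>
        /// <param name="returnUrl">Optional post-login destination; only local URLs are followed.</param>
        /// <returns>A redirect on success, otherwise the login view with model errors.</returns>
        public async Task <ActionResult> Login(LoginViewModel details, string returnUrl)
        {
            AppUser user     = null; // set only when name and password match
            AppUser currUser = null; // the account with that name, password matched or not

            if (!string.IsNullOrEmpty(details.Name) && !string.IsNullOrEmpty(details.Password))
            {
                user = await UserManager.FindAsync(details.Name, details.Password);

                currUser = UserManager.Users.FirstOrDefault(u => u.UserName == details.Name);
            }
            if ((user == null) || (currUser != null && UserManager.IsLockedOut(currUser.Id)))
            {
                if (currUser != null)
                {
                    // NOTE(review): only the "limit reached" branch persists this flag via
                    // UpdateAsync; confirm the other branches are meant to leave it unsaved.
                    currUser.LockoutEnabled = true;

                    if (UserManager.IsLockedOut(currUser.Id))
                    {
                        // No .Value: prints the same text when set and does not throw when not.
                        ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc}");
                        UserManager.ResetAccessFailedCount(currUser.Id);
                    }
                    else if (UserManager.MaxFailedAccessAttemptsBeforeLockout <= currUser.AccessFailedCount + 1)
                    {
                        currUser.LockoutEndDateUtc = DateTime.UtcNow.AddMinutes(1);
                        await UserManager.UpdateAsync(currUser);

                        UserManager.ResetAccessFailedCount(currUser.Id);
                        ModelState.AddModelError("", $"Ваш аккаунт заблокирован в целях безопасноти, до {currUser.LockoutEndDateUtc}");
                    }
                    else
                    {
                        // NOTE(review): the remaining-attempts text is only shown for existing
                        // names, so the response reveals which names are registered.
                        UserManager.AccessFailed(currUser.Id);
                        ModelState.AddModelError("", $"Некорректный пароль осталось {UserManager.MaxFailedAccessAttemptsBeforeLockout - UserManager.GetAccessFailedCount(currUser.Id)} попытки.");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "Некорректное имя или пароль.");
                }
            }
            else
            {
                ClaimsIdentity ident = await UserManager.CreateIdentityAsync(user,
                                                                             DefaultAuthenticationTypes.ApplicationCookie);

                await UserManager.ResetAccessFailedCountAsync(user.Id);

                AuthManager.SignOut();
                AuthManager.SignIn(new AuthenticationProperties
                {
                    IsPersistent = true
                }, ident);

                // Restore the basket cookie from the profile unless the browser already has
                // one and the profile has nothing to offer.
                HttpCookie cookie = new HttpCookie("ShoppingBasket");
                if (Request.Cookies["ShoppingBasket"] == null || string.IsNullOrEmpty(Request.Cookies["ShoppingBasket"]["ShoppingBasket"]) || !string.IsNullOrEmpty(user.GoodsInBasket))
                {
                    cookie["ShoppingBasket"] = user.GoodsInBasket;
                    Response.Cookies.Add(cookie);
                }
                cookie = new HttpCookie("WishesAmount");
                if (!string.IsNullOrEmpty(user.GoodsWishes))
                {
                    // Wish count is derived from the '+' separators in the stored string.
                    cookie["WishesAmount"] = (user.GoodsWishes.Count(c => c == '+') / 2).ToString();
                    Response.Cookies.Add(cookie);
                }

                AccountInfoEvent($"Account wiht name:{user.UserName}; and id:{user.Id} has been successfuly logged in");

                // Follow only local return URLs; an arbitrary returnUrl would turn the login
                // page into an open redirect.
                if (!string.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
                {
                    return(Redirect(returnUrl));
                }
                // 302 rather than 301: a permanent redirect from the login POST gets cached
                // by browsers and would skip this action on later visits.
                return(RedirectToAction("Index", "Home"));
            }
            return(View(details));
        }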
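        /// <summary>
        /// Checks <paramref name="login"/> against the identity store with lockout: a locked
        /// account is rejected before the password is examined, a correct password clears
        /// the failure counter, a wrong one increments it.
        /// </summary>
        /// <param name="login">Submitted user name and password.</param>
        /// <returns>true only when the password is correct and the e-mail is confirmed.</returns>
        bool ValidLogin(Login login)
        {
            // Manager and store own a context; dispose them with the call (the manager
            // disposes the store it was given).
            using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            })
            {
                var user = userManager.FindByName(login.UserName);
                if (user == null)
                {
                    return false;
                }

                if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                {
                    return false;
                }

                if (userManager.CheckPassword(user, login.Password)
                        && userManager.IsEmailConfirmed(user.Id))
                {
                    // A good login clears any earlier failures.
                    if (userManager.SupportsUserLockout
                     && userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }
                    return true;
                }

                // Wrong password (or unconfirmed e-mail — not told apart here): count the
                // failure where lockout applies and reject either way. Previously a user
                // with lockout disabled fell through to "return true" on a wrong password.
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                }
                return false;
            }
        }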
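        /// <summary>
        /// Checks <paramref name="login"/> against the identity store with lockout: a locked
        /// account is rejected before the password is examined, a correct password clears
        /// the failure counter, a wrong one increments it and triggers the captcha check.
        /// </summary>
        /// <param name="login">Submitted user name and password.</param>
        /// <returns>true only when the password is correct.</returns>
        bool ValidLogin(Login login)
        {
            // Manager and store own a context; dispose them with the call (the manager
            // disposes the store it was given).
            using (var userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>())
            {
                UserLockoutEnabledByDefault = true,
                DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0),
                MaxFailedAccessAttemptsBeforeLockout = 3
            })
            {
                var user = userManager.FindByName(login.UserName);
                if (user == null)
                {
                    return false;
                }

                if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id))
                {
                    return false;
                }

                if (userManager.CheckPassword(user, login.Password))
                {
                    // A good login clears any earlier failures.
                    if (userManager.SupportsUserLockout
                     && userManager.GetAccessFailedCount(user.Id) > 0)
                    {
                        userManager.ResetAccessFailedCount(user.Id);
                    }
                    return true;
                }

                // Wrong password: count the failure where lockout applies and reject either
                // way. Previously a user with lockout disabled fell through to "return true".
                if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                }

                // NOTE(review): the captcha is only evaluated on this failure path and its
                // result only sets a message; confirm that is the intended placement.
                CaptchaHelper captchaHelper = new CaptchaHelper();
                string captchaResponse = captchaHelper.CheckRecaptcha();
                if (captchaResponse != "Valid")
                {
                    ViewBag.ErrorResponse = "The captcha must be valid";
                }
                return false;
            }
        }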
 /// <summary>
 /// Three consecutive access failures against a user created with lockout enabled
 /// (limit 3, 10-minute window) must lock the account, the counter advancing by one
 /// per failure.
 /// </summary>
 public void LockoutAccount()
 {
     var store   = new UserStore<ApplicationUser>(this._session);
     var manager = new UserManager<ApplicationUser>(store)
     {
         MaxFailedAccessAttemptsBeforeLockout = 3,
         UserLockoutEnabledByDefault = true,
         DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(10)
     };
     // NOTE(review): the created UserName and the one passed to Find differ as shown
     // here; confirm they refer to the same account.
     manager.Create(new ApplicationUser() { UserName = "******", LockoutEnabled = true }, "Welcome");
     var account = manager.Find("test", "Welcome");

     for (int expected = 0; expected < 3; expected++)
     {
         Assert.AreEqual(expected, manager.GetAccessFailedCount(account.Id));
         manager.AccessFailed(account.Id);
     }
     Assert.IsTrue(manager.IsLockedOut(account.Id));
 }
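        /// <summary>
        /// Login button handler: verifies the submitted credentials, enforces the
        /// failed-attempt lockout, signs the user in with the application cookie and
        /// redirects to the return URL or to a role-specific start page.
        /// </summary>
        /// <param name="sender">Button raising the event (unused).</param>
        /// <param name="e">Event data (unused).</param>
        protected void BtnIniciar_Click1(object sender, EventArgs e)
        {
            var userStore = new UserStore<IdentityUser>();
            var userManager = new UserManager<IdentityUser>(userStore);

            var user = userManager.FindByName(UserName.Text);
            if (user == null)
            {
                // NOTE(review): this text differs from the wrong-password text below, so the
                // response tells registered names apart from unknown ones.
                StatusText.Text = "Invalid username or password.";
                return;
            }

            // AppSettings values are already strings; a missing key yields an empty field
            // instead of a NullReferenceException.
            string lockoutMessage = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"]);

            // Check lockout before touching the password, so a locked account does not keep
            // having passwords verified against it.
            if (userManager.IsLockedOut(user.Id))
            {
                ModelState.AddModelError("", lockoutMessage);
                StatusText.Text = lockoutMessage;
                return;
            }

            // Non-null only when name and password match.
            var validCredentials = userManager.Find(UserName.Text, Password.Text);

            if (validCredentials == null)
            {
                if (userManager.GetLockoutEnabled(user.Id))
                {
                    userManager.AccessFailed(user.Id);
                    string message;
                    if (userManager.IsLockedOut(user.Id))
                    {
                        message = lockoutMessage;
                    }
                    else
                    {
                        int accessFailedCount = userManager.GetAccessFailedCount(user.Id);
                        int attemptsLeft = Convert.ToInt32(ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"]) - accessFailedCount;
                        message = string.Format(
                            "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft);
                    }
                    StatusText.Text = message;
                    ModelState.AddModelError("", message);
                }
                else
                {
                    ModelState.AddModelError("", "Invalid credentials. Please try again.");
                    StatusText.Text = "Invalid credentials. Please try again.";
                }
                return;
            }

            var authenticationManager = HttpContext.Current.GetOwinContext().Authentication;
            var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie);

            authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity);
            userManager.ResetAccessFailedCount(user.Id);

            string vig = DateTime.Now.Year.ToString();
            SetCookieUser(UserName.Text, vig);

            // Without a ReturnUrl, route by the first matching menu role.
            string url = Request.QueryString["ReturnUrl"];
            if (string.IsNullOrEmpty(url))
            {
                gesMenuAdapter mg = new gesMenuAdapter();
                List<dataTree> l = mg.getOpciones("INICI", UserName.Text);
                if (l.Any(t => t.roles == "INICIAdministrativo"))
                {
                    SetCookieRol("administrador");
                    url = "/Inicio/Administrativo/Inicio.aspx";
                }
                else if (l.Any(t => t.roles == "INICIAcudientes"))
                {
                    SetCookieRol("acudiente");
                    url = "/Inicio/Acudientes/Inicio.aspx";
                }
            }
            // NOTE(review): ReturnUrl comes straight from the query string; presumably
            // RedirectToReturnUrl only follows local URLs — confirm in that helper.
            IdentityHelper.RedirectToReturnUrl(url, Response);
        }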