/// <summary>
/// Page Load
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void Page_Load(object sender, EventArgs e)
{
try
{
if (!Page.IsPostBack)
{
objLoginAttempts = objUserBLL.GetLoginAttempts();
txtLoginAttempts.Text = "0";
if (objLoginAttempts != null)
{
if (objLoginAttempts.Id > 0)
{
txtLoginAttempts.Text = Convert.ToString(objLoginAttempts.LoginAttempt);
}
}
}
}
catch (Exception ex)
{
log.Error("Page_Load \n Message: " + ex.Message + "\n Source: " + ex.Source + "\n StackTrace: " + ex.StackTrace);
ExceptionLog.WriteLog(PageName + " @ Page_Load ", ex.Message + " \n " + ex.StackTrace);
}
}
/// <summary>
///
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
protected void btnLogin_Click(object sender, EventArgs e)
{
try
{
// Active Directory selected
if (rdolstAuthenticationType.SelectedValue == "0")
{
Dns.GetHostName();
ExceptionLog.WriteLog(PageName + " @ HttpContext.Current.User.Identity.Name ", HttpContext.Current.User.Identity.Name + " \n ");
ExceptionLog.WriteLog(PageName + " @ Dns.GetHostName()", Dns.GetHostName() + " \n ");
ExceptionLog.WriteLog(PageName + " @ Dns.GetHostEntry(Request.ServerVariables[]).HostName", Dns.GetHostEntry(Dns.GetHostName()).HostName + " \n ");
ExceptionLog.WriteLog(PageName + " @ System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName", System.Net.NetworkInformation.IPGlobalProperties.GetIPGlobalProperties().DomainName + " \n ");
if (DoesUserExist(System.Security.Principal.WindowsIdentity.GetCurrent().Name))
{
objLoginHistory.UserId = Convert.ToInt32(Session["UserId"]);
objLoginHistory.LoginTime = DateTime.Now;
objLoginHistory.CreatedBy = Convert.ToInt32(Session["UserId"]);
objLoginHistory.CreatedOn = DateTime.Now;
objLoginHistory.CreatedIp = CommonUtils.GetIPAddresses();
objLoginHistory.UserName = Environment.UserName;
objUserBLL.LogLoginTime(objLoginHistory);
Session["UserName"] = Environment.UserName;
Response.Redirect("LoginLogoutHistory.aspx");
}
else
{
lblError.Text = "No account found with that username.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
}
else if (rdolstAuthenticationType.SelectedValue == "1")
{
if (!string.IsNullOrEmpty(txtUserName.Text.Trim()) && !string.IsNullOrEmpty(txtPassword.Text.Trim()))
{
//SQL Server Validation
objUser = objUserBLL.GetUserDetailsByUserName(txtUserName.Text.Trim());
if (objUser != null)
{
if (objUser.Id != 0 && objUser.UserLogin.IsActive == true)
{
if (objUser.UserLogin.AccountLocked == true)
{
lblError.Text = "The account is locked please contact administrator.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
else
{
if (objUser.UserLogin.Password.Equals(CommonUtils.Encrypt(txtPassword.Text.Trim())))
{
Session["RoleId"] = Convert.ToString(objUser.UserLogin.RoleId);
Session["UserId"] = Convert.ToString(objUser.Id);
objLoginHistory.UserId = objUser.Id;
objLoginHistory.LoginTime = DateTime.Now;
objLoginHistory.CreatedBy = Convert.ToInt32(Session["UserId"]);
objLoginHistory.CreatedOn = DateTime.Now;
objLoginHistory.CreatedIp = CommonUtils.GetIPAddresses();
objLoginHistory.UserName = objUser.UserLogin.UserName;
objUserBLL.LogLoginTime(objLoginHistory);
objUserBLL.ClearLoginAttempts(objUser.Id);
if (chkRememberPassword.Checked == true)
{
Response.Cookies["UserName"].Value = txtUserName.Text;
Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(10);
Response.Cookies["Password"].Value = txtPassword.Text;
Response.Cookies["Password"].Expires = DateTime.Now.AddDays(10);
}
else
{
Response.Cookies["UserName"].Expires = DateTime.Now.AddDays(-1);
Response.Cookies["Password"].Expires = DateTime.Now.AddDays(-1);
}
Response.Redirect("LoginLogoutHistory.aspx");
}
else
{
objLoginAttempts = objUserBLL.GetLoginAttempts();
if (objLoginAttempts != null && objLoginAttempts.Id > 0)
{
if (objLoginAttempts.LoginAttempt > objUser.UserLogin.PasswordWrongAttempts)
{
if (objLoginAttempts.LoginAttempt == objUser.UserLogin.PasswordWrongAttempts + 1)
{
objUserLogin.AccountLocked = true;
objUserLogin.PasswordWrongAttempts = objUser.UserLogin.PasswordWrongAttempts + 1;
objUserLogin.UpdatedBy = Convert.ToInt32(Session["UserId"]);
objUserLogin.UpdatedOn = DateTime.Now;
objUserLogin.LastPasswordWrong = DateTime.Now;
objUserLogin.UserId = objUser.Id;
objUserBLL.LockUserDetails(objUserLogin);
}
else
{
objUserLogin.AccountLocked = false;
objUserLogin.PasswordWrongAttempts = objUser.UserLogin.PasswordWrongAttempts + 1;
objUserLogin.UpdatedBy = Convert.ToInt32(Session["UserId"]);
objUserLogin.UpdatedOn = DateTime.Now;
objUserLogin.LastPasswordWrong = DateTime.Now;
objUserLogin.UserId = objUser.Id;
objUserBLL.UpdatePasswordWorngAttemptDetails(objUserLogin);
lblError.Text = "Please enter correct User name and password Your access will be locked after " + (objLoginAttempts.LoginAttempt - (objUser.UserLogin.PasswordWrongAttempts + 1)) + " consecutive wrong attempts.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
}
}
else
{
lblError.Text = "The username or password you entered is incorrect.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
}
}
}
else
{
lblError.Text = "No account found with that username.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
}
else
{
lblError.Text = "No account found with that username.";
lblError.Attributes.Add("display", "block");
txtUserName.Text = string.Empty;
txtPassword.Text = string.Empty;
}
}
}
}
catch (Exception ex)
{
log.Error("btnLogin_Click \n Message: " + ex.Message + "\n Source: " + ex.Source + "\n StackTrace: " + ex.StackTrace);
ExceptionLog.WriteLog(PageName + " @ btnLogin_Click ", ex.Message + " \n " + ex.StackTrace);
}
}
/// <summary>
/// Method for updating login attempts
/// </summary>
/// <param name="loginAttempts"></param>
/// <returns></returns>
public bool UpdateLoginAttempts(LoginAttempts loginAttempts)
{
bool result = false;
try
{
SqlCommand objSqlCommand = new SqlCommand();
SqlParameter[] objLstParams = new SqlParameter[4];
SqlParameter objLoginAttempts = new SqlParameter("@LoginAttempts", SqlDbType.Int);
objLoginAttempts.Value = loginAttempts.LoginAttempt;
objLstParams[0] = objLoginAttempts;
SqlParameter objUpdatedBy = new SqlParameter("@UpdatedBy", SqlDbType.Int);
objUpdatedBy.Value = Convert.ToString(loginAttempts.UpdatedBy);
objLstParams[1] = objUpdatedBy;
SqlParameter objUpdatedOn = new SqlParameter("@UpdatedOn", SqlDbType.DateTime);
objUpdatedOn.Value = loginAttempts.UpdatedOn;
objLstParams[2] = objUpdatedOn;
SqlParameter objUpdatedIp = new SqlParameter("@UpdatedIp", SqlDbType.VarChar);
objUpdatedIp.Value = loginAttempts.UpdatedIp;
objLstParams[3] = objUpdatedIp;
result = Convert.ToBoolean(SqlHelper.ExecuteNonQuery(SqlHelper.ConnectionString, CommandType.StoredProcedure, SP_UpdateLoginAttempts, objLstParams));
objSqlCommand.Parameters.Clear();
}
catch (Exception ex)
{
log.Error("UpdateLoginAttempts \n Message: " + ex.Message + "\n Source: " + ex.Source + "\n StackTrace: " + ex.StackTrace);
ExceptionLog.WriteLog(COMMONDATA + " @ UpdateLoginAttempts ", ex.Message + " \n " + ex.StackTrace);
}
return result;
}
/// <summary>
/// Method for updating login attempts
/// </summary>
/// <param name="objLoginAttempts"></param>
/// <returns></returns>
public bool UpdateLoginAttempts(LoginAttempts objLoginAttempts)
{
return objUserDAL.UpdateLoginAttempts(objLoginAttempts);
}
/// <summary>
/// Method for getting login attempts
/// </summary>
/// <returns></returns>
public LoginAttempts GetLoginAttempts()
{
LoginAttempts objLoginAttempts = new LoginAttempts();
try
{
using (DataSet loginAttemptsTable = SqlHelper.ExecuteDataset(SqlHelper.ConnectionString, CommandType.StoredProcedure, SP_GetLoginAttempts))
{
if (loginAttemptsTable.Tables[0].Rows.Count > 0)
{
for (int i = 0; i < loginAttemptsTable.Tables[0].Rows.Count; i++)
{
objLoginAttempts.Id = Convert.ToInt32(loginAttemptsTable.Tables[0].Rows[i]["Id"]);
objLoginAttempts.LoginAttempt = Convert.ToInt32(loginAttemptsTable.Tables[0].Rows[i]["LoginAttempts"]);
objLoginAttempts.CreatedBy = Convert.ToInt32(loginAttemptsTable.Tables[0].Rows[i]["CreatedBy"]);
objLoginAttempts.CreatedOn = Convert.ToDateTime(loginAttemptsTable.Tables[0].Rows[i]["CreatedOn"]);
objLoginAttempts.CreatedIp = Convert.ToString(loginAttemptsTable.Tables[0].Rows[i]["CreatedIp"]);
objLoginAttempts.UpdatedBy = Convert.ToInt32(loginAttemptsTable.Tables[0].Rows[i]["UpdatedBy"]);
objLoginAttempts.UpdatedOn = Convert.ToDateTime(loginAttemptsTable.Tables[0].Rows[i]["UpdatedOn"]);
objLoginAttempts.UpdatedIp = Convert.ToString(loginAttemptsTable.Tables[0].Rows[i]["UpdatedIp"]);
}
}
}
}
catch (Exception ex)
{
log.Error("GetLoginAttempts \n Message: " + ex.Message + "\n Source: " + ex.Source + "\n StackTrace: " + ex.StackTrace);
ExceptionLog.WriteLog(COMMONDATA + " @ GetLoginAttempts ", ex.Message + " \n " + ex.StackTrace);
}
return objLoginAttempts;
}
