public static ObjectResult GetSigninLockedResponse(this FailedSigninResultModel model) { var response = new { message = model.Message, retryPeriodInMinutes = model.RetryPeriodInMinutesWhenLocked }; return(new ObjectResult(response) { StatusCode = (int)HttpStatusCode.TooManyRequests }); }
public static ObjectResult GetWarningResponse(this FailedSigninResultModel model) { var response = new { error = WarningErrorCode, message = model.Message, attemptsLeft = model.AttemptsLeftBeforeLock }; return(new ObjectResult(response) { StatusCode = (int)HttpStatusCode.Unauthorized }); }
public async Task <FailedSigninResultModel> RegisterFailedSigninAsync(string email) { if (string.IsNullOrEmpty(email)) { throw new ArgumentNullException(nameof(email)); } var(customerIdentity, sanitizedIdentity) = await GetCustomerIdentityAsync(email); if (await _locksService.DoesLockExistAsync(customerIdentity)) { _log.Warning($"The signin for [{sanitizedIdentity}] is already locked"); return(FailedSigninResultModel.SigninLocked((int)_config.AccountLockPeriod.TotalMinutes)); } var counter = await _expiringCountersService.IncrementCounterAsync(_config.ThresholdPeriod, nameof(SigninThrottlingService), customerIdentity); if (counter >= _config.LockThreshold) { var signinLocked = await _locksService.TryAcquireLockAsync( new { customerIdentity }.ToJson(), DateTime.UtcNow.Add(_config.AccountLockPeriod), customerIdentity); if (!signinLocked) { _log.Error(message: $"Couldn't lock signin for [{sanitizedIdentity}]"); throw new InvalidOperationException("Signin lock was unsuccessful"); } _log.Warning($"The account [{sanitizedIdentity}] has been locked for signin attempts for {_config.AccountLockPeriod}"); return(FailedSigninResultModel.SigninLocked((int)_config.AccountLockPeriod.TotalMinutes)); } var attemptsLeftBeforeLock = _config.LockThreshold - (int)counter; return(counter >= _config.WarningThreshold ? FailedSigninResultModel.Warning(attemptsLeftBeforeLock) : FailedSigninResultModel.NoImpact(attemptsLeftBeforeLock)); }