/// <summary>
/// Authenticates a partner by username and password and, on success, persists a new session.
/// </summary>
/// <remarks>
/// Checks run in this order: account exists, account is not locked, password hash matches,
/// e-mail address is verified. A wrong password is the only failure that is committed: the
/// attempt is recorded and the account is flagged as locked once enough attempts accumulate.
/// Every other failure rolls the transaction back.
///
/// NOTE(review): the result codes distinguish "no such account", "locked" and "wrong password".
/// The caller should collapse these into one generic failure before answering an
/// unauthenticated client, otherwise the response confirms which usernames exist.
///
/// NOTE(review): the lockout is keyed on the account alone, so anyone who knows a username can
/// lock its owner out with a few bad passwords. No unlock path is visible in this method —
/// confirm that one exists, and consider per-source throttling or a time-limited lock.
///
/// NOTE(review): nothing here catches exceptions. If a BLL or repository call throws, this
/// method neither commits nor rolls back — confirm that the caller or Connector cleans up.
/// </remarks>
/// <param name="credential">Username and clear-text password supplied by the client.</param>
/// <param name="ipAddress">Address stored on the session or on the failed-attempt record.</param>
/// <param name="keepOpened">When false the session gets an expiry; when true none is set here.</param>
/// <param name="session">The created session on <c>LoginResult.OK</c>; otherwise null.</param>
/// <returns>The outcome of the login attempt.</returns>
public LoginResult Login(PartnerCredentialDTO credential, IPAddress ipAddress, bool keepOpened, out PartnerSessionDTO session)
{
    const int SessionLifetimeMinutes = 16;
    const int FailedAttemptsBeforeLock = 3;

    Connector.IsTransaction = true;

    PartnerBLL partners = new PartnerBLL(Connector);
    PartnerDTO account = partners.ReadByUsername(credential.Username);

    if (account == null)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.AccountDoesntExist;
    }

    // A locked account is rejected before the password is looked at, so attempts made while
    // locked are not recorded by this method.
    if (account.IsLocked)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.AccountIsLocked;
    }

    // NOTE(review): the hasher receives only the password (no salt or work factor is passed).
    // If SHA512Hasher is a single unsalted SHA-512 pass, the stored hashes are cheap to guess
    // offline after a database leak; plan a migration to a salted, slow KDF (PBKDF2/Argon2)
    // with re-hash on successful login. Confirm against the SHA512Hasher implementation.
    byte[] suppliedHash = SHA512Hasher.Hash(credential.Password);

    // NOTE(review): confirm BinaryComparer.AreEqual compares in constant time.
    bool passwordMatches = BinaryComparer.AreEqual(suppliedHash, account.Password);

    if (!passwordMatches)
    {
        PartnerLoginAttemptBLL attempts = new PartnerLoginAttemptBLL(Connector);
        PartnerLoginAttemptDTO failedAttempt = new PartnerLoginAttemptDTO()
        {
            Partner = account,
            IPAddress = ipAddress
        };
        attempts.Create(failedAttempt);

        Guid accountId = account.Id;
        PartnerSessionDTO previousSession = ReadLastByPartner(accountId);

        // Attempts are counted from the last recorded session, or from the start of the current
        // UTC day when the partner has no session yet. The attempt created above is inserted
        // before this read, so it is presumably included in the count — confirm.
        var countFrom = previousSession?.LoggedAt ?? DateTime.UtcNow.Date;
        List<PartnerLoginAttemptDTO> recentAttempts = attempts.ReadByPartnerAndTimeStampAsDate(accountId, countFrom).ToList();

        if (recentAttempts.Count >= FailedAttemptsBeforeLock)
        {
            Dictionary<string, object> lockChange = new Dictionary<string, object>()
            {
                { "IsLocked", true }
            };
            partners.Update(accountId, lockChange);
        }

        // Committed on purpose: the attempt record and any lock must survive the failed login.
        Connector.CommitTransaction();
        session = null;
        return LoginResult.PasswordDoesntMatch;
    }

    // Reached only with a correct password, so this result tells the caller the password was right.
    if (!account.HasEmailAddressBeenVerified)
    {
        Connector.RollbackTransaction();
        session = null;
        return LoginResult.EmailAddressHasNotBeenVerified;
    }

    DateTime now = DateTime.UtcNow;
    session = new PartnerSessionDTO()
    {
        Partner = account,
        IPAddress = ipAddress,
        LoggedAt = now
    };

    // NOTE(review): with keepOpened the expiry is left at its default, i.e. this method sets no
    // upper bound on the session lifetime. Confirm that an absolute limit is enforced elsewhere.
    if (!keepOpened)
    {
        session.ExpiresOn = now.AddMinutes(SessionLifetimeMinutes);
    }

    Create(session);
    Connector.CommitTransaction();
    return LoginResult.OK;
}
/// <summary>
/// Inserts a login-attempt record through the repository and writes the identifier it returns
/// back onto the passed object.
/// </summary>
/// <remarks>
/// NOTE(review): no timestamp is assigned here, yet Login reads attempts back by time. The
/// repository or database presumably stamps the row — confirm, because the lockout count
/// depends on it.
/// </remarks>
/// <param name="loginAttempt">The attempt to store; its Id is overwritten with the inserted id.</param>
/// <returns>Always <c>CreateResult.OK</c>; this method has no failure branch of its own.</returns>
public CreateResult Create(PartnerLoginAttemptDTO loginAttempt)
{
    Guid insertedId;
    Repository.Insert(loginAttempt, out insertedId);

    loginAttempt.Id = insertedId;

    return CreateResult.OK;
}