/// <summary>
/// Handles the login form: verifies the submitted credentials, enforces the
/// temporary lockout, resets the failure counter on success and issues the
/// authentication cookie (via <see cref="AddCookies"/>) before redirecting to Home/Index.
/// </summary>
/// <param name="username">Submitted user name; a null value re-displays the form.</param>
/// <param name="password">Submitted password; a null value re-displays the form.</param>
/// <param name="rem">"Remember me" flag forwarded to <see cref="AddCookies"/>.</param>
/// <returns>
/// A redirect to Home/Index on success, otherwise the login view
/// (ViewBag.msg is set for the lockout and "account locked" cases; failed attempts set it in logError).
/// </returns>
public async Task<ActionResult> Login(string username, string password, bool rem)
{
    if (username == null || password == null)
    {
        return View();
    }

    // NOTE(review): credentials are checked before the lockout state is read,
    // so a locked account's password still goes through IsLoged.
    if (!IsLoged(username, password))
    {
        // logError increments the failure counter and reports whether this
        // attempt is the one that triggered the 12-hour lockout.
        if (await logError(username))
        {
            ViewBag.msg = "نظرا لمحاولات التسجيل المتكررة والخاطئة تم اغلاق حساب " + username + " لمدة 12 ساعة";
        }
        return View();
    }

    string userId = AppAuthentication.GetIdByUserName(username);
    if (string.IsNullOrEmpty(userId))
    {
        return View();
    }

    var appUser = await db.AppUsers.FindAsync(userId);
    if (appUser == null)
    {
        return View();
    }

    // NOTE(review): AddCookies is declared async void, so the sign-in is not
    // awaited here and a failure inside it cannot be observed by this action.
    ActionResult SignInAndRedirect()
    {
        AddCookies(username, AppAuthentication.GetRoleName(username), password, rem);
        return RedirectToAction("Index", "Home");
    }

    if (appUser.Lockout == false)
    {
        // A successful login clears the failed-attempt counter before signing in.
        appUser.ErrorLogCount = 0;
        db.AppUsers.Attach(appUser);
        db.Entry(appUser).Property(x => x.ErrorLogCount).IsModified = true;
        await db.SaveChangesAsync();
        return SignInAndRedirect();
    }

    // Locked account: only let the user in once the lock period has elapsed.
    if (await IsLuckoutFinished(appUser.LockTime, userId))
    {
        return SignInAndRedirect();
    }

    ViewBag.msg = "تم حظر هذا الحساب مؤقتا يرجي معاودة محاولة تسجيل الدخول بعد انقضاء مدة الحظر";
    return View();
}
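/// <summary>
/// Issues the cookie-authentication ticket for a user the caller has already
/// verified. Marked <see cref="NonActionAttribute"/> so MVC does not expose this
/// public method as a routable action; an unauthenticated request must never be
/// able to reach it with a caller-chosen <paramref name="roleName"/>.
/// </summary>
/// <param name="username">Authenticated user name; becomes the Name claim.</param>
/// <param name="roleName">Role placed in the Role claim.</param>
/// <param name="password">Password placed in the "password" claim (see the security note below).</param>
/// <param name="remember">True for a 10-day persistent cookie, false for a 30-minute one.</param>
/// <returns>A task that completes once <c>HttpContext.SignInAsync</c> has finished.</returns>
[NonAction]
public async Task AddCookies(string username, string roleName, string password, bool remember)
{
    // SECURITY(review): the plaintext password is persisted inside the auth
    // cookie's claims. Nothing in this file reads it back; remove the claim once
    // it is confirmed that no consumer of the "password" claim remains.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, username),
        new Claim(ClaimTypes.NameIdentifier, AppAuthentication.GetIdByUserName(username)),
        new Claim(ClaimTypes.Role, roleName),
        new Claim("password", password),
        new Claim(ClaimTypes.IsPersistent, remember.ToString()),
    };
    var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // The two original branches differed only in the expiry; the rest of the
    // ticket properties are identical.
    var expiresUtc = remember ? DateTime.UtcNow.AddDays(10) : DateTime.UtcNow.AddMinutes(30);
    var authProperties = new AuthenticationProperties
    {
        AllowRefresh = true,
        IsPersistent = remember,
        ExpiresUtc = expiresUtc,
    };

    // Returning Task (instead of the original async void) lets callers await the
    // sign-in, so the cookie is written before the response is sent and any
    // failure surfaces to the caller instead of being unobservable.
    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity),
        authProperties);
}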
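/// <summary>
/// Records one failed login attempt for <paramref name="username"/> and, on the
/// fifth failure, locks the account for 12 hours. While the account is still open
/// it sets ViewBag.msg with the attempts-used message. Marked
/// <see cref="NonActionAttribute"/> so MVC does not expose this public method as a
/// routable action that anyone could call to drive an account into lockout.
/// </summary>
/// <param name="username">The user name that failed to authenticate.</param>
/// <returns>
/// True when this attempt locked the account; false otherwise, including for
/// user names that do not resolve to an account.
/// </returns>
[NonAction]
public async Task<bool> logError(string username)
{
    string userId = AppAuthentication.GetIdByUserName(username);
    if (string.IsNullOrEmpty(userId))
    {
        // NOTE(review): unknown user names leave ViewBag.msg unset, so the
        // response differs from a wrong password for an existing user.
        return false;
    }

    var appUser = await db.AppUsers.FindAsync(userId);
    if (appUser == null)
    {
        return false;
    }

    // Exactly one increment per failed attempt. The original incremented a second
    // time on the lockout path, recording 6 failures for a 5-attempt limit.
    // The counter change is marked modified explicitly so it is persisted whether
    // or not the entity came back tracked (consistent with the Login action).
    appUser.ErrorLogCount += 1;
    int count = appUser.ErrorLogCount;
    db.AppUsers.Attach(appUser);
    db.Entry(appUser).Property(x => x.ErrorLogCount).IsModified = true;

    if (count < 5)
    {
        await db.SaveChangesAsync();
        ViewBag.msg = "بيانات الدخول غير صحيحة !!!" + "\r\n" + "لديك ( " + count + " ) محاولة تسجيل دخول خاطئة من عدد " + "(5) محاولات";
        return false;
    }

    // NOTE(review): a failed attempt against an already locked account moves
    // LockTime forward another 12 hours, so repeated attempts can prolong the lock
    // indefinitely; consider leaving LockTime alone when Lockout is already set.
    // DateTime.Now is kept because the comparison in IsLuckoutFinished (defined
    // elsewhere) is not visible here — switching to UtcNow must be done on both sides.
    appUser.LockTime = DateTime.Now.AddHours(12);
    appUser.Lockout = true;
    db.Entry(appUser).Property(x => x.Lockout).IsModified = true;
    db.Entry(appUser).Property(x => x.LockTime).IsModified = true;
    await db.SaveChangesAsync();
    return true;
}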