//
// GET: /Account/Login
public ActionResult Login(string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
ViewData["showCaptcha"] = false;
ViewData["allowRegistration"] = allowRegistration;
if (watchBadLogins)
{
BadLoginCount record = COREobject.i.Context.BadLoginCounts.SingleOrDefault(a => a.IP == HttpContext.Request.UserHostAddress);
if (record != null)
{
ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit;
if (record.AttemptsCount >= waitInterval)
{
int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout;
if (record.LastAtempt >= DateTime.Now.AddSeconds(-timeout))
{
ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout));
}
}
}
}
return(View());
}
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
if (filterContext.Controller is AccountController)
{
if (AccountController.watchBadLogins)
{
string userIp = filterContext.HttpContext.Request.UserHostAddress;
BadLoginCount record = COREobject.i.Context.BadLoginCounts.SingleOrDefault(a => a.IP == userIp);
if (record != null && record.AttemptsCount >= AccountController.captchaLimit)
{
base.OnActionExecuting(filterContext);
}
}
}
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
// Security checks
string userIp = HttpContext.Request.UserHostAddress;
DBEntities context = COREobject.i.Context;
BadLoginCount record = null;
ViewData["showCaptcha"] = false;
ViewData["allowRegistration"] = allowRegistration;
// Check if bruteforce countermeasures are enabled
if (watchBadLogins)
{
record = context.BadLoginCounts.SingleOrDefault(a => a.IP == userIp) ?? new BadLoginCount()
{
AttemptsCount = 0, IP = userIp
};
if (record.AttemptsCount == 0)
{
context.BadLoginCounts.Add(record);
}
// Show captcha?
ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit;
// Too fast attempts?
if (record.AttemptsCount >= waitInterval)
{
int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout;
if (record.LastAtempt >= DateTime.Now.AddSeconds(-timeout))
{
ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout));
}
}
}
if (!ModelState.IsValid)
{
if (watchBadLogins)
{
record.LastAtempt = DateTime.Now;
record.AttemptsCount++;
context.SaveChanges();
}
return(View(model));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.OmniusPasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout : false);
switch (result)
{
case SignInStatus.Success:
context.BadLoginCounts.Remove(record);
context.SaveChanges();
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }));
case SignInStatus.Failure:
default:
// Check if bruteforce countermeasures are enabled
if (watchBadLogins)
{
record.AttemptsCount++;
record.LastAtempt = DateTime.Now;
context.SaveChanges();
// Show captcha?
ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit;
// Warn before too fast attempts?
if (record.AttemptsCount >= waitInterval)
{
int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout;
ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout));
}
}
ModelState.AddModelError("", "Invalid login attempt.");
return(View(model));
}
}
