// // GET: /Account/Login public ActionResult Login(string returnUrl) { ViewBag.ReturnUrl = returnUrl; ViewData["showCaptcha"] = false; ViewData["allowRegistration"] = allowRegistration; if (watchBadLogins) { BadLoginCount record = COREobject.i.Context.BadLoginCounts.SingleOrDefault(a => a.IP == HttpContext.Request.UserHostAddress); if (record != null) { ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit; if (record.AttemptsCount >= waitInterval) { int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout; if (record.LastAtempt >= DateTime.Now.AddSeconds(-timeout)) { ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout)); } } } } return(View()); }
public override void OnActionExecuting(ActionExecutingContext filterContext) { if (filterContext.Controller is AccountController) { if (AccountController.watchBadLogins) { string userIp = filterContext.HttpContext.Request.UserHostAddress; BadLoginCount record = COREobject.i.Context.BadLoginCounts.SingleOrDefault(a => a.IP == userIp); if (record != null && record.AttemptsCount >= AccountController.captchaLimit) { base.OnActionExecuting(filterContext); } } } }
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl) { // Security checks string userIp = HttpContext.Request.UserHostAddress; DBEntities context = COREobject.i.Context; BadLoginCount record = null; ViewData["showCaptcha"] = false; ViewData["allowRegistration"] = allowRegistration; // Check if bruteforce countermeasures are enabled if (watchBadLogins) { record = context.BadLoginCounts.SingleOrDefault(a => a.IP == userIp) ?? new BadLoginCount() { AttemptsCount = 0, IP = userIp }; if (record.AttemptsCount == 0) { context.BadLoginCounts.Add(record); } // Show captcha? ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit; // Too fast attempts? if (record.AttemptsCount >= waitInterval) { int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout; if (record.LastAtempt >= DateTime.Now.AddSeconds(-timeout)) { ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout)); } } } if (!ModelState.IsValid) { if (watchBadLogins) { record.LastAtempt = DateTime.Now; record.AttemptsCount++; context.SaveChanges(); } return(View(model)); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await SignInManager.OmniusPasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout : false); switch (result) { case SignInStatus.Success: context.BadLoginCounts.Remove(record); context.SaveChanges(); return(RedirectToLocal(returnUrl)); case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.RequiresVerification: return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe })); case SignInStatus.Failure: default: // Check if bruteforce countermeasures are enabled if (watchBadLogins) { record.AttemptsCount++; record.LastAtempt = DateTime.Now; context.SaveChanges(); // Show captcha? ViewData["showCaptcha"] = record.AttemptsCount >= captchaLimit; // Warn before too fast attempts? if (record.AttemptsCount >= waitInterval) { int timeout = (int)Math.Floor((double)record.AttemptsCount / waitInterval) * waitTimeout; ModelState.AddModelError("", string.Format("Please wait {0} seconds before next attempt", timeout)); } } ModelState.AddModelError("", "Invalid login attempt."); return(View(model)); } }