bool ValidLogin(Login login) { UserStore <IdentityUser> userStore = new UserStore <IdentityUser>(); UserManager <IdentityUser> userManager = new UserManager <IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 5 }; var user = userManager.FindByName(login.UserName); if (user == null) { UserNoFound = true; return(false); } // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) { Locked = true; return(false); } // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); PasswordIncorrent = true; if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return(false); } } return(true); }
public ActionResult Status(string id) { var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(db)); var userId = UserManager.FindById(id).Id; if (UserManager.GetLockoutEnabled(userId) == true) { UserManager.SetLockoutEnabled(userId, false); } else { UserManager.SetLockoutEnabled(userId, true); } return(RedirectToAction("Index")); }
private void initAdmin() { ApplicationDbContext context = new ApplicationDbContext(); var roleManager = new RoleManager <IdentityRole>(new RoleStore <IdentityRole>(context)); var UserManager = new UserManager <ApplicationUser>(new UserStore <ApplicationUser>(context)); // In Startup iam creating first Admin Role and creating a default Admin User if (!roleManager.RoleExists("Admin")) { // first we create Admin rool var role = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole(); role.Name = "Admin"; roleManager.Create(role); //Here we create a Admin super user who will maintain the website var user = new ApplicationUser(); user.UserName = "******"; user.Email = "*****@*****.**"; string userPWD = "zaq1@WSX"; var chkUser = UserManager.Create(user, userPWD); //Add default User to Role Admin if (chkUser.Succeeded) { var result1 = UserManager.AddToRole(user.Id, "Admin"); } UserManager.GetLockoutEnabled(user.Id); } // creating Creating Manager role if (!roleManager.RoleExists("OkUser")) { var role = new Microsoft.AspNet.Identity.EntityFramework.IdentityRole(); role.Name = "OkUser"; roleManager.Create(role); } }
bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 3 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) return false; // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password) && userManager.IsEmailConfirmed(user.Id)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } } return true; }
bool ValidLogin(Login login) { UserStore<IdentityUser> userStore = new UserStore<IdentityUser>(); UserManager<IdentityUser> userManager = new UserManager<IdentityUser>(userStore) { UserLockoutEnabledByDefault = true, DefaultAccountLockoutTimeSpan = new TimeSpan(0, 10, 0), MaxFailedAccessAttemptsBeforeLockout = 3 }; var user = userManager.FindByName(login.UserName); if (user == null) return false; // User is locked out. if (userManager.SupportsUserLockout && userManager.IsLockedOut(user.Id)) { return false; } // Validated user was locked out but now can be reset. if (userManager.CheckPassword(user, login.Password)) { if (userManager.SupportsUserLockout && userManager.GetAccessFailedCount(user.Id) > 0) { userManager.ResetAccessFailedCount(user.Id); } } // Login is invalid so increment failed attempts. else { bool lockoutEnabled = userManager.GetLockoutEnabled(user.Id); if (userManager.SupportsUserLockout && userManager.GetLockoutEnabled(user.Id)) { userManager.AccessFailed(user.Id); return false; } CaptchaHelper captchaHelper = new CaptchaHelper(); string captchaResponse = captchaHelper.CheckRecaptcha(); if (captchaResponse != "Valid") { ViewBag.ErrorResponse = "The captcha must be valid"; } } return true; }
protected void BtnIniciar_Click1(object sender, EventArgs e) { var userStore = new UserStore<IdentityUser>(); var userManager = new UserManager<IdentityUser>(userStore); //var user = userManager.Find(UserName.Text, Password.Text); var user = userManager.FindByName(UserName.Text); if (user != null) { var validCredentials = userManager.Find(UserName.Text, Password.Text); if (userManager.IsLockedOut(user.Id)) { ModelState.AddModelError("", string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString())); StatusText.Text = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); } else if (userManager.GetLockoutEnabled(user.Id) && validCredentials == null) { userManager.AccessFailed(user.Id); string message; if (userManager.IsLockedOut(user.Id)) { message = string.Format("Your account has been locked out for {0} minutes due to multiple failed login attempts.", ConfigurationManager.AppSettings["DefaultAccountLockoutTimeSpan"].ToString()); StatusText.Text = message; } else { int accessFailedCount = userManager.GetAccessFailedCount(user.Id); int attemptsLeft = Convert.ToInt32( ConfigurationManager.AppSettings["MaxFailedAccessAttemptsBeforeLockout"].ToString()) - accessFailedCount; message = string.Format( "Invalid credentials. You have {0} more attempt(s) before your account gets locked out.", attemptsLeft); StatusText.Text = message; } ModelState.AddModelError("", message); } else if (validCredentials == null) { ModelState.AddModelError("", "Invalid credentials. Please try again."); StatusText.Text = "Invalid credentials. Please try again."; } else { var authenticationManager = HttpContext.Current.GetOwinContext().Authentication; var userIdentity = userManager.CreateIdentity(user, DefaultAuthenticationTypes.ApplicationCookie); authenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = false }, userIdentity); userManager.ResetAccessFailedCount(user.Id); string vig = DateTime.Now.Year.ToString(); SetCookieUser(UserName.Text, vig); string url = Request.QueryString["ReturnUrl"]; if (url == "" || url == null) { gesMenuAdapter mg = new gesMenuAdapter(); List<dataTree> l = mg.getOpciones("INICI", UserName.Text); if (l.Where(t => t.roles == "INICIAdministrativo").FirstOrDefault() != null) { SetCookieRol("administrador"); url = "/Inicio/Administrativo/Inicio.aspx"; } else { if (l.Where(t => t.roles == "INICIAcudientes").FirstOrDefault() != null) { SetCookieRol("acudiente"); url = "/Inicio/Acudientes/Inicio.aspx"; } } } IdentityHelper.RedirectToReturnUrl(url, Response); } } else { StatusText.Text = "Invalid username or password."; } }