private void LoginFailed(SiteRegistration registration, DateTime? now = null)
{
DateTime currentTime = now ?? _dateTime.Now;
registration.FailedPasswordAttemptWindowStart =
registration.FailedPasswordAttemptWindowStart ?? currentTime;
registration.FailedPasswordAttemptCount += 1;
registration.LastFailedPasswordAttemptDate = currentTime;
var limitReached = registration.FailedPasswordAttemptCount >= MaxInvalidPasswordAttempts;
var inCurrentWindow = registration.FailedPasswordAttemptWindowStart.Value
>= _dateTime.Now - TimeSpan.FromMinutes(PasswordAttemptWindow);
if (limitReached && inCurrentWindow)
registration.IsLockedOut = true;
}
private void ResetLockout(SiteRegistration siteRegistration)
{
siteRegistration.FailedPasswordAttemptCount = 0;
siteRegistration.FailedPasswordAttemptWindowStart = null;
}
public override void CreateUser(string firstName, string lastName, string email, string password, bool receiveEmails)
{
ErrorUtility.CheckArgument(firstName, "firstName");
ErrorUtility.CheckArgument(lastName, "lastName");
ErrorUtility.CheckArgument(email, "email");
ErrorUtility.CheckArgument(password, "password");
AssertUserDoesNotExist(email);
var passwordHash = _crypto.HashPassword(password);
var currentTime = _dateTime.Now;
var user = new User
{
FirstName = firstName,
LastName = lastName,
Email = email,
CreatedDate = currentTime,
};
_users.Create(user);
var registration = new SiteRegistration
{
Password = passwordHash,
LastPasswordChangedDate = currentTime,
User = user
};
_siteRegistrations.Create(registration);
_uow.Commit();
}