public bool Authenticate(LoginRequest request, IEnumerable<IAuthenticationStrategy> strategies) { _auditor.ApplyHistory(request); var authResult = strategies.Any(x => x.Authenticate(request)); _auditor.Audit(request); return authResult; }
public void SetRememberMeCookie(LoginRequest request) { if (request.RememberMe && request.UserName.IsNotEmpty()) { _cookies.User.Value = request.UserName; } }
public void ApplyHistory(LoginRequest request) { var history = _session.Load<LoginFailureHistory>(request.UserName); if (history == null) return; request.NumberOfTries = history.Attempts; request.LockedOutUntil = history.LockedOutTime; }
public void LogSuccess(LoginRequest request, Audit audit) { _repository.Update(audit); var history = _session.Load<LoginFailureHistory>(request.UserName); if (history != null) { _session.Delete(history); } }
public FubuContinuation LoggedIn(LoginRequest request) { string url = request.Url; if (url.IsEmpty()) { url = "~/"; } return FubuContinuation.RedirectTo(url); }
public void LoggedIn(LoginRequest request) { var url = request.Url; if (url.IsEmpty()) { url = "~/"; } _writer.RedirectToUrl(url); }
public HtmlDocument get_login(LoginRequest request) { var document = new HtmlDocument(); document.Title = "Login Page"; document.Add("h1").Text("This is the login page"); document.Add("div").Id("message").Text(request.Message); return document; }
public void apply_history_when_there_is_no_history() { var request = new LoginRequest { NumberOfTries = 5, UserName = "******" }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.ApplyHistory(request); request.NumberOfTries.ShouldEqual(5); // Nothing gets replaced }
public void LogFailure(LoginRequest request, Audit audit) { _repository.Update(audit); var history = _session.Load<LoginFailureHistory>(request.UserName) ?? new LoginFailureHistory { Id = request.UserName }; history.Attempts = request.NumberOfTries; history.LockedOutTime = request.LockedOutUntil; _session.Store(history); }
public bool Authenticate(LoginRequest request) { if (_authenticator.AuthenticateCredentials(request)) { request.Status = LoginStatus.Succeeded; _session.MarkAuthenticated(request.UserName); } else { request.Status = LoginStatus.Failed; request.NumberOfTries++; } return request.Status == LoginStatus.Succeeded; }
public LoginStatus IsLockedOut(LoginRequest request) { if (request.NumberOfTries >= _settings.MaximumNumberOfFailedAttempts) { return LoginStatus.LockedOut; } if (request.LockedOutUntil != null) { if (request.LockedOutUntil.Value > _systemTime.UtcNow()) { return LoginStatus.LockedOut; } } return LoginStatus.NotAuthenticated; }
public void write_login_failure() { var request = new LoginRequest { Status = LoginStatus.Failed, UserName = "******" }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); var theAudit = theContainer.GetInstance<IEntityRepository>().All<Audit>() .Where(x => x.Type == "LoginFailure").Single(); theAudit.Message.ShouldBeOfType<LoginFailure>(); theAudit.Timestamp.ShouldEqual(theTime.UtcNow()); theAudit.Username.ShouldEqual(request.UserName); }
public bool Authenticate(LoginRequest request) { if (_lockedOutRule.IsLockedOut(request) == LoginStatus.LockedOut) { request.Status = LoginStatus.LockedOut; } else if (_authenticator.AuthenticateCredentials(request)) { request.Status = LoginStatus.Succeeded; _session.MarkAuthenticated(request.UserName); } else { request.Status = LoginStatus.Failed; request.NumberOfTries++; _lockedOutRule.ProcessFailure(request); } return request.Status == LoginStatus.Succeeded; }
public void apply_history_when_there_is_prior_history() { var history = new LoginFailureHistory { Id = "AlreadyLockedOut", Attempts = 3, LockedOutTime = DateTime.Today.AddMinutes(30) }; theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => repo.Store(history)); var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); var request = new LoginRequest { UserName = history.Id }; auditor.ApplyHistory(request); request.NumberOfTries.ShouldEqual(history.Attempts); request.LockedOutUntil.ShouldEqual(history.LockedOutTime.Value); }
public void ProcessFailure(LoginRequest request) { if (request.LockedOutUntil != null && request.LockedOutUntil.Value <= _systemTime.UtcNow()) { request.LockedOutUntil = null; } if (IsLockedOut(request) == LoginStatus.LockedOut) { request.Status = LoginStatus.LockedOut; request.Message = LoginKeys.LockedOut.ToString(); request.NumberOfTries = 0; // This is important for the unlocking later if (request.LockedOutUntil == null) { request.LockedOutUntil = _systemTime.UtcNow().AddMinutes(_settings.CooloffPeriodInMinutes); } } else { request.Message = LoginKeys.Failed.ToFormat(request.NumberOfTries, _settings.MaximumNumberOfFailedAttempts); } }
public void when_logging_success_wipe_clean_the_login_failure_history() { var history = new LoginFailureHistory { UserName = "******", Attempts = 3 }; theContainer.GetInstance<ITransaction>().WithRepository(repo => { repo.Update(history); }); waitForHistoryToAppear(history.UserName); var request = new LoginRequest { Status = LoginStatus.Succeeded, UserName = history.UserName }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); waitForHistoryToDisappear(history.UserName); }
public void when_logging_failure_for_a_user_that_is_locked_out() { var request = new LoginRequest { Status = LoginStatus.Failed, UserName = "******", NumberOfTries = 1, LockedOutUntil = DateTime.Today.ToUniversalTime() }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); var history = theContainer.GetInstance<IDocumentSession>() .Load<LoginFailureHistory>(request.UserName); history.LockedOutTime.ShouldEqual(request.LockedOutUntil); }
public bool Authenticate(LoginRequest request) { return Authenticate(request, _strategies); }
public bool Authenticate(LoginRequest request) { return _strategies.Any(x => x.Authenticate(request)); }
public bool Authenticate(LoginRequest request) { return(_strategies.Any(x => x.Authenticate(request))); }
public void apply_history_when_there_is_prior_history() { var history = new LoginFailureHistory { UserName = "******", Attempts = 3, LockedOutTime = DateTime.Today.AddMinutes(30) }; theContainer.GetInstance<ITransaction>().WithRepository(repo => repo.Update(history)); waitForHistoryToAppear(history.UserName); var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); var request = new LoginRequest { UserName = history.UserName }; auditor.ApplyHistory(request); request.NumberOfTries.ShouldEqual(history.Attempts); request.LockedOutUntil.ShouldEqual(history.LockedOutTime.Value); }
public void update_an_existing_history() { var history = new LoginFailureHistory { UserName = "******", Attempts = 2 }; theContainer.GetInstance<ITransaction>().WithRepository(repo => { repo.Update(history); }); waitForHistoryToAppear(history.UserName); var request = new LoginRequest { Status = LoginStatus.Failed, UserName = history.UserName, NumberOfTries = 3, LockedOutUntil = DateTime.Today.ToUniversalTime() }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); waitForHistoryToAppear(request.UserName); var history2 = theContainer.GetInstance<IEntityRepository>() .FindWhere<LoginFailureHistory>(x => x.UserName == request.UserName); history2.Attempts.ShouldEqual(request.NumberOfTries); history2.LockedOutTime.ShouldEqual(request.LockedOutUntil); }
public void when_logging_failure_for_a_user_that_is_locked_out() { var request = new LoginRequest { Status = LoginStatus.Failed, UserName = "******", NumberOfTries = 1, LockedOutUntil = DateTime.Today.ToUniversalTime() }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); waitForHistoryToAppear(request.UserName); var history = theContainer.GetInstance<IEntityRepository>() .FindWhere<LoginFailureHistory>(x => x.UserName == request.UserName); history.LockedOutTime.ShouldEqual(request.LockedOutUntil); }
public void when_logging_failure_for_a_user_that_has_no_prior_failure_history() { var request = new LoginRequest { Status = LoginStatus.Failed, UserName = "******", NumberOfTries = 1, LockedOutUntil = null }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); var history = theContainer.GetInstance<IDocumentSession>().Load<LoginFailureHistory>(request.UserName); history.ShouldNotBeNull(); history.Attempts.ShouldEqual(1); history.LockedOutTime.ShouldBeNull(); }
protected bool Equals(LoginRequest other) { return(string.Equals(Url, other.Url)); }
public void update_an_existing_history() { var history = new LoginFailureHistory { Id = "AlreadyFailed", Attempts = 2 }; theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => { repo.Store(history); }); var request = new LoginRequest { Status = LoginStatus.Failed, UserName = history.Id, NumberOfTries = 3, LockedOutUntil = DateTime.Today.ToUniversalTime() }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); var history2 = theContainer.GetInstance<IDocumentSession>() .Load<LoginFailureHistory>(request.UserName); history2.Attempts.ShouldEqual(request.NumberOfTries); history2.LockedOutTime.ShouldEqual(request.LockedOutUntil); }
protected bool Equals(LoginRequest other) { return string.Equals(Url, other.Url); }
public void when_logging_success_wipe_clean_the_login_failure_history() { var history = new LoginFailureHistory { Id = "doofus", Attempts = 3 }; theContainer.GetInstance<ITransaction>().Execute<IDocumentSession>(repo => { repo.Store(history); }); var request = new LoginRequest { Status = LoginStatus.Succeeded, UserName = history.Id }; var auditor = theContainer.GetInstance<PersistedLoginAuditor>(); auditor.Audit(request); }
public bool Authenticate(LoginRequest request) { return false; }