/AnotherStartup/App_Code/Account/Login.cs
C# | 88 lines | 65 code | 11 blank | 12 comment | 9 complexity | 7221006f50f046a2ba1bd9636aa9a830 MD5 | raw file
- using System;
- using System.Web.WebPages;
- using WebMatrix.WebData;
-
- /// <summary>
- /// Summary description for Login
- /// </summary>
- ///
- namespace Account
- {
- public static class Login
- {
- public class Model
- {
- public string Username { get; set; }
- public string Password { get; set; }
- public bool RememberMe { get; set; }
- }
-
- public class Errors
- {
- public ErrorMessage Username { get; set; }
- public ErrorMessage Password { get; set; }
-
- public Errors()
- {
- Username = ErrorMessage.Nil;
- Password = ErrorMessage.Nil;
- }
- }
-
- public static void Init(WebPageBase web)
- {
- // Initialize model properties
- Model model = web.Page.Model = new Model();
-
- // Initialize validation properties
- Errors errors = web.Page.Errors = new Errors();
-
- // If this is a POST request, validate and process data
- if (web.IsPost)
- {
- model.Username = web.Request.Form["username"];
- model.Password = web.Request.Form["password"];
- model.RememberMe = web.Request.Form["rememberMe"].AsBool();
-
- // Validate the user's username
- if (model.Username.IsEmpty())
- {
- errors.Username = web.Error("You must specify a username.");
- }
-
- // Validate the user's password
- if (model.Password.IsEmpty())
- {
- errors.Password = web.Error("You must specify a password.");
- }
-
- // Confirm there are no validation errors
- if (web.Page.IsValid)
- {
- if (WebSecurity.UserExists(model.Username) && WebSecurity.GetPasswordFailuresSinceLastSuccess(model.Username) > 4 && WebSecurity.GetLastPasswordFailureDate(model.Username).AddSeconds(60) > DateTime.UtcNow)
- {
- web.Response.Redirect("~/account/AccountLockedOut");
- return;
- }
-
- // Attempt to login to the Security object using provided creds
- if (WebSecurity.Login(model.Username, model.Password, model.RememberMe))
- {
- var returnUrl = web.Request.QueryString["ReturnUrl"];
- if (returnUrl.IsEmpty())
- {
- web.Response.Redirect("~/");
- }
- else
- {
- web.Context.RedirectLocal(returnUrl);
- }
- }
-
- // If we arrived here, the login failed; convey that to the user
- web.Page.IsValid = false;
- }
- }
- }
- }
- }