
/BaliEnterpriseSystems/BaliEnterpriseSystems/Login.aspx.cs

https://github.com/sirivedula/BEST
  1. using System;
  2. using System.Collections;
  3. using System.Configuration;
  4. using System.Data;
  5. using System.Linq;
  6. using System.Web;
  7. using System.Web.Security;
  8. using System.Web.UI;
  9. using System.Web.UI.HtmlControls;
  10. using System.Web.UI.WebControls;
  11. using System.Web.UI.WebControls.WebParts;
  12. using System.Xml.Linq;
  13. using BaliEnterpriseSystems.BestObjects;
  14. namespace BaliEnterpriseSystems
  15. {
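  /// <summary>
  /// Code-behind for the login page. On post-back it checks that both credential
  /// fields are filled in, applies a delay derived from the submitted password,
  /// validates the login through <c>CurrentUser</c>, stores the user in session
  /// state and writes a <c>BestLogins</c> audit row for every attempt.
  /// </summary>
  public partial class Login : System.Web.UI.Page
  {
      /// <summary>
      /// Runs the sign-in flow once the page has finished loading.
      /// </summary>
      /// <param name="sender">Event source (unused).</param>
      /// <param name="e">Event data (unused).</param>
      protected void Page_LoadComplete(object sender, EventArgs e)
      {
          if (!IsPostBack)
          {
              // First request for the page: start with empty credential fields.
              txtPassword.Text = "";
              txtUserName.Text = "";
              return;
          }

          string userName = txtUserName.Text;
          string password = txtPassword.Text;

          if (string.IsNullOrEmpty(userName))
          {
              ltrValidateMsg.Text = Utils.WarningMessage("User Name is Required.");
              return;
          }

          if (string.IsNullOrEmpty(password))
          {
              ltrValidateMsg.Text = Utils.WarningMessage("Password is Required.");
              return;
          }

          CurrentUser cu = new CurrentUser(userName);

          // Distributed password attack mitigation: delay the response by an amount
          // derived from the score BestSuspicion assigns to the submitted password.
          // The second argument presumably caps the delay (in milliseconds) - confirm
          // in CurrentUser.SleepWithMax.
          // NOTE(review): the delay holds the request thread for its whole duration and
          // depends only on the password value; no per-account or per-source attempt
          // limit is visible in this file. Confirm one exists elsewhere.
          if (password.Trim().Length > 0)
          {
              BestSuspicion bsusp = new BestSuspicion();
              Int32 passScore = bsusp.GetScore(password);
              cu.SleepWithMax(passScore * 5, 20000);
          }

          if (!cu.loginIsValid(password))
          {
              logLogin(userName, false, null);

              // NOTE(review): the text shown comes straight from cu.Error. Confirm it is
              // the same for an unknown user and a wrong password, and that
              // Utils.WarningMessage HTML-encodes it before it reaches the Literal.
              ltrValidateMsg.Text = Utils.WarningMessage(cu.Error.Message);
              return;
          }

          // NOTE(review): the ASP.NET session that existed before authentication is
          // reused here; only an application-level GUID is new. Consider issuing a
          // fresh session identifier at login so a pre-login session ID cannot carry
          // over into the authenticated session.
          Guid sessguid = Guid.NewGuid();
          HttpContext.Current.Session["SessionGuid"] = sessguid;
          logLogin(userName, true, sessguid);
          HttpContext.Current.Session["CurrentUser"] = cu;

          if (cu.BestUser.initialPassword)
          {
              // User still has the initial password: send them to the change page
              // without marking them as logged in.
              Response.Redirect("InitialPasswordChage.aspx");
          }
          else
          {
              cu.BestUser.IsLoggedIn = true;
              Response.Redirect("Dashboard.aspx?ms=1");
          }
      }

      /// <summary>
      /// Writes one login-attempt record and, for a successful attempt, stores the
      /// session GUID in session state under "BestSessionGuid".
      /// </summary>
      /// <param name="username">User name as typed into the form.</param>
      /// <param name="valid">Whether the credentials were accepted.</param>
      /// <param name="sessionGuid">GUID generated for the new session; null for a failed attempt.</param>
      private void logLogin(string username, bool valid, Guid? sessionGuid)
      {
          BestLogins login = new BestLogins();
          login.UserName = username;

          // ServerVariables already yields a string, or null when the variable is
          // absent; the former ToString() call threw NullReferenceException in that
          // case and aborted the login attempt before it could be recorded.
          login.serverip = HttpContext.Current.Request.ServerVariables["LOCAL_ADDR"];
          login.loginvalid = valid;

          // Both values below are supplied by the client side of the connection.
          // UserHostAddress is the peer address, which is the proxy when one sits in
          // front of the application; the User-Agent header is free-form text.
          // NOTE(review): confirm BestLogins bounds their length and that any page
          // displaying these rows encodes them.
          login.sourceip = Request.UserHostAddress;
          login.additionalInfo = Request.UserAgent;

          if (sessionGuid.HasValue)
          {
              login.sessionguid = sessionGuid.Value;
              Session["BestSessionGuid"] = login.sessionguid;
          }

          login.CurrentRow.Save();
      }
  }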
  85. }