PageRenderTime 66ms CodeModel.GetById 57ms app.highlight 5ms RepoModel.GetById 1ms app.codeStats 0ms

/BaliEnterpriseSystems/BaliEnterpriseSystems/Login.aspx.cs

https://github.com/sirivedula/BEST
C# | 88 lines | 84 code | 3 blank | 1 comment | 9 complexity | 685cfad9c599debafaa9826121e4de88 MD5 | raw file
 1using System;
 2using System.Collections;
 3using System.Configuration;
 4using System.Data;
 5using System.Linq;
 6using System.Web;
 7using System.Web.Security;
 8using System.Web.UI;
 9using System.Web.UI.HtmlControls;
10using System.Web.UI.WebControls;
11using System.Web.UI.WebControls.WebParts;
12using System.Xml.Linq;
13using BaliEnterpriseSystems.BestObjects;
14
15namespace BaliEnterpriseSystems
16{
17    public partial class Login : System.Web.UI.Page
18    {
19        protected void Page_LoadComplete(object sender, EventArgs e)
20        {
21            if (IsPostBack)
22            {
23                if (string.IsNullOrEmpty(txtUserName.Text))
24                {
25                    ltrValidateMsg.Text = Utils.WarningMessage("User Name is Required.");
26                }
27                else if (string.IsNullOrEmpty(txtPassword.Text))
28                {
29                    ltrValidateMsg.Text = Utils.WarningMessage("Password is Required.");
30                }
31                else
32                {
33                    // validate the password
34                    CurrentUser cu = new CurrentUser(txtUserName.Text);
35                    if (txtPassword.Text.Trim() != "") //Distributed password attack mitigation
36                    {
37                        BestSuspicion bsusp = new BestSuspicion();
38                        Int32 passScore = bsusp.GetScore(txtPassword.Text);
39                        cu.SleepWithMax(passScore * 5, 20000);
40                    }
41                    if (cu.loginIsValid(txtPassword.Text))
42                    {
43                        Guid sessguid = Guid.NewGuid();
44                        HttpContext.Current.Session["SessionGuid"] = sessguid;
45                        logLogin(txtUserName.Text, true, sessguid);
46                        HttpContext.Current.Session["CurrentUser"] = cu;
47                        if (cu.BestUser.initialPassword)
48                        {
49                            Response.Redirect("InitialPasswordChage.aspx");
50                        }
51                        else
52                        {
53                            cu.BestUser.IsLoggedIn = true;
54                            Response.Redirect("Dashboard.aspx?ms=1");
55                        }
56                    }
57                    else
58                    {
59                        logLogin(txtUserName.Text, false, null);
60                        ltrValidateMsg.Text = Utils.WarningMessage(cu.Error.Message);
61                    }
62                }
63            }
64            else
65            {
66                txtPassword.Text = "";
67                txtUserName.Text = "";
68            }
69        }
70
71        private void logLogin(string username, bool valid, Guid? sessionGuid)
72        {
73            BestLogins login = new BestLogins();
74            login.UserName = username;
75            login.serverip = HttpContext.Current.Request.ServerVariables["LOCAL_ADDR"].ToString();
76            login.loginvalid = valid;
77            login.sourceip = Request.UserHostAddress;
78            login.additionalInfo = Request.UserAgent;
79            if (sessionGuid.HasValue)
80            {
81                login.sessionguid = sessionGuid.Value;
82                Session["BestSessionGuid"] = login.sessionguid;
83            }
84            login.CurrentRow.Save();
85        }
86
87    }
88}