如何在ASP.net Identity 2.0上启用AccessFailedCount和Lockout功

发布时间：2020-12-16 09:40:41 所属栏目：asp.Net 来源：网络整理

导读：我尝试使用此代码增加AccessFailedCount但它不起作用(在AspNetUsers表中不增加AccessFailed Count). =在本代码中,我的第一反应是,当用户登录失败时,增加AccessFailed计数但不能使用该代码所以请给我建议更新代码和任何事情. var manager = Context.GetOwinCo

我尝试使用此代码增加AccessFailedCount但它不起作用(在AspNetUsers表中不增加AccessFailed Count).
=>在本代码中,我的第一反应是,当用户登录失败时,增加AccessFailed计数但不能使用该代码所以请给我建议更新代码和任何事情.

var manager = Context.GetOwinContext().GetUserManager<ApplicationUserManager>();

                // find user by username first
                var user = manager.FindByName(txtUserName.Text);

                if (user != null)
                {
                        var validCredentials = manager.Find(txtUserName.Text,txtPassword.Text);

                        // When a user is lockedout,this check is done to ensure that even if the credentials are valid
                        // the user can not login until the lockout duration has passed
                        if (manager.IsLockedOut(user.Id))
                        {
                         error message;
                        }

                        // if user is subject to lockouts and the credentials are invalid
                        // record the failure and check if user is lockedout and display message,otherwise,// display the number of attempts remaining before lockout
                        else if (manager.GetLockoutEnabled(user.Id) && validCredentials == null && manager.SupportsUserLockout)
                        {
                            // Record the failure which also may cause the user to be locked out
                            manager.AccessFailed(user.Id);

                            if (manager.IsLockedOut(user.Id))
                            {
                                error message;
                            }
                            else
                            {
                                int accessFailedCount = manager.GetAccessFailedCount(user.Id);

                            }

                        }
                        else
                        {

                                    IdentityHelper.SignIn(manager,user,RememberMe.Checked);

                                    // When token is verified correctly,clear the access failed count used for lockout
                                    manager.ResetAccessFailedCount(user.Id);
                                    Response.Redirect("/Home.aspx",false);

                        }

                  }

解决方法

您可能希望查看ASP.NET Identity framework 2.1中的SignInManager类.
有关更多信息,请参阅此博客文章 ASP.NET Identity 2.1.0-alpha1

SignInManager将身份验证,帐户锁定和双因素身份验证验证过程简化为单个方法调用.

SignInStatus result = await _signInManager.PasswordSignInAsync(model.Username,model.Password,model.RememberMe,true);

然后,您可以像这样回复登录结果.

switch (result)
{
    case SignInStatus.Success:
        // Login success
    case SignInStatus.LockedOut:
        // Account locked out
    case SignInStatus.RequiresVerification:
        // Do two factor verification
    case SignInStatus.Failure:
    default:
        // Login failure
}

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!