As a newbie, seeking help for the below scenario.
I am using ASP LoginView control, and have the corresponding event handlers. For every incorrect login attempt, I am storing the attempt count and user details, If max count is reached I disable the user. When the user tries to Login next time, i check if the user is enabled/disabled and if disabled need to stop the execution and block the login action.
I tried to use
return;
in the onLoggingIn method but this does not stop the execution and still continues the login action.
ASPX Code :
<asp:loginView id="loginView" runat="server">
<AnonymousTemplate>
<asp:login id="login1" runat="server"
OnLoggedIn="Login1_onLoggedIn"
OnLoggingIn="Login1_onLoggingIn"
OnLoginError="Login1_onLoginError"
<LayoutTemplate>
<asp:Textbox ID="username" runat="server" />
<asp:Textbox ID="password" runat="server" />
<asp:Button ID = "LoginButton" runat="server" Command="Login" />
</LayoutTemplate>
</asp:login>
</AnonymousTemplate>
</asp:loginView>
CS Code:
protected void Page_load(object sender,EventArgs e)
{
}
protected void Login1_onLoggingIn(object sender,EventArgs e)
{
// This method is called when user clicked on Login Button.
// Checking if the user is enabled or disabled.
// If user disabled - show error message and need to stop the execution here and not go further
// Tried return; - but execution still continue.
}
protected void Login1_onLoggedIn(object sender,EventArgs e)
{
// This method is called when user is logged.
}
protected void Login1_onLoginError(object sender,EventArgs e)
{
// This method is called on incorrect login attempt and store the count and user detail in DB
// If max incorrect login attempts reached, user marked as disabled for specific time limit.
}
If anyone can guide how can I check the user enabled/disabled and if user disabled, how can I stop the method execution and prevent the flow to continue.
Thanks in advance
CodePudding user response:
For cancelling the execution of the OnLoggingIn
method, you may use the CancelEventArgs.Cancel
property:
protected void Login1_onLoggingIn(object sender,System.Web.UI.WebControls.LoginCancelEventArgs e)
{
var userDisabled= CheckIfUserIsDisabled(); //Implement this
if (isUserDisabled)
{
// Show an error message.
login1.FailureText = "Your account is disabled";
e.Cancel = true;// Here is the point
}
}