/// <summary>
/// Runs the pre-authentication checks for a logon attempt and returns the redirect to issue
/// when the attempt must not proceed.
/// </summary>
/// <param name="userProfile">Profile looked up by the caller; <c>null</c> sends the visitor to registration.</param>
/// <param name="model">Logon view model; receives the remaining wait time and last attempt time while throttled.</param>
/// <param name="url">Return URL forwarded as the <c>returnUrl</c> route value on the Register / AwaitingActivation redirects.</param>
/// <param name="failedLogins">Overwritten with the first linked user's failed-attempt count, when such a user exists.</param>
/// <param name="mustResetPassword">Overwritten with the first linked user's force-password-change flag, when such a user exists.</param>
/// <returns>A redirect result when the logon must stop here; <c>null</c> when the caller may continue.</returns>
private ActionResult ValidateLogon(UserProfile userProfile, LogOnModel model, string url, ref int failedLogins, ref bool mustResetPassword)
{
    // NOTE(review): the unknown-profile and not-activated branches answer with different redirects,
    // so the response reveals the account's state. Confirm that disclosure is acceptable here.
    // NOTE(review): url is forwarded as-is; the receiving actions should check it (e.g. Url.IsLocalUrl)
    // before redirecting to it - verify against those actions.
    if (userProfile == null)
    {
        TempData["UserFeedback"] = "We couldn't find you in our system yet. Fill out the form below to create your profile.";
        return RedirectToAction("Register", "Account", new { returnUrl = url });
    }

    if (!userProfile.IsActivated)
    {
        return RedirectToAction("AwaitingActivation", "Account", new { returnUrl = url });
    }

    // Only the first linked user is consulted; the ref arguments keep the caller's values when there is none.
    User account = userProfile.Users.FirstOrDefault();
    if (account != null)
    {
        failedLogins = account.FailedLoginAttempts;
        mustResetPassword = account.ForcePasswordChange;
    }

    // NOTE(review): the delay below is enforced only when TempData carries "LastLogOnAttempt".
    // TempData is per-session storage, so a request without that entry skips the wait even though
    // failedLogins is over the limit. Reading the entry also marks it for removal at the end of the
    // request unless something stores or keeps it again. A last-attempt timestamp persisted with the
    // user record would make the throttle independent of client session state - confirm with the caller.
    bool throttleApplies = failedLogins > MembershipService.MaxInvalidPasswordAttempts
                           && TempData["LastLogOnAttempt"] != null;
    if (!throttleApplies)
    {
        return null;
    }

    // Local time on both sides of the comparison; assumes the stored value was also written with DateTime.Now.
    DateTime checkedAt = DateTime.Now;
    DateTime previousAttempt = (DateTime) TempData["LastLogOnAttempt"];
    var delaySeconds = CalculateSleepSeconds(failedLogins, MembershipService.MaxInvalidPasswordAttempts);
    DateTime lockoutEnds = previousAttempt.AddSeconds(delaySeconds);
    if (lockoutEnds <= checkedAt)
    {
        // The wait has already elapsed; let the logon continue.
        return null;
    }

    // Still inside the wait window: tell the user how long is left and send them back to the logon page.
    var elapsedSeconds = Convert.ToInt32((checkedAt - previousAttempt).TotalSeconds);
    var secondsLeft = elapsedSeconds < delaySeconds ? delaySeconds - elapsedSeconds : 0;
    model.RemainingSeconds = secondsLeft;
    model.LastLoginAttempt = previousAttempt;
    TempData["UserFeedback"] = string.Format("You still have {0} seconds left before you can try logging in again.", secondsLeft);
    return RedirectToAction("LogOn");
}