用户登录 错误次数 自动解锁
出于安全性问题,默认输入三次错误信息登录后会自动锁定用户。
在数据库里就一个字段,手动改回来也行。
但最好能有自动解锁的功能。哈哈。
下面参考了国外的文章弄了一下,可行。
web.config memship下加了一个配置信息autounlocksample
在App_Data文件夹下新建了一个类AutoUnlockProvider
login.aspx中需要用自己写的类中的方法来验证用户。
欢迎交流。
在数据库里就一个字段,手动改回来也行。
但最好能有自动解锁的功能。哈哈。
下面参考了国外的文章弄了一下,可行。
web.config memship下加了一个配置信息autounlocksample
<membership defaultProvider="SQLProvider" userIsOnlineTimeWindow="15">
<providers>
<clear/>
<add name="SQLProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SQL_UINIRMS" applicationName="UINIRMS" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"/>
<add name="autounlocksample" type="AutoUnlockProvider" connectionStringName="SQL_UINIRMS" autoUnlockTimeout="2" applicationName="UINIRMS"/>
</providers>
</membership>
<providers>
<clear/>
<add name="SQLProvider" type="System.Web.Security.SqlMembershipProvider" connectionStringName="SQL_UINIRMS" applicationName="UINIRMS" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="true" requiresUniqueEmail="true" passwordFormat="Hashed" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="1" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10"/>
<add name="autounlocksample" type="AutoUnlockProvider" connectionStringName="SQL_UINIRMS" autoUnlockTimeout="2" applicationName="UINIRMS"/>
</providers>
</membership>
在App_Data文件夹下新建了一个类AutoUnlockProvider
1 using System;
2 using System.Web.Security;
3 public class AutoUnlockProvider :SqlMembershipProvider
4 {
5 private int autoUnlockTimeout = 2; //Default to 60 minutes
6 public override void Initialize(string name,
7 System.Collections.Specialized.NameValueCollection config)
8 {
9 string sunlockTimeOut = config["autoUnlockTimeout"];
10 if (!String.IsNullOrEmpty(sunlockTimeOut))
11 autoUnlockTimeout = Int32.Parse(sunlockTimeOut);
12 config.Remove("autoUnlockTimeout");
13 base.Initialize(name, config);
14 }
15
16 //other provider overrides
17 public override bool ValidateUser(string username, string password)
18 {
19 bool retval =Membership.ValidateUser(username, password);
20 //The account may be locked out at this point
21 if (retval == false)
22 {
23 bool successfulUnlock = AutoUnlockUser(username);
24 if (successfulUnlock)
25 //re-attempt the login
26 return Membership.ValidateUser(username, password);
27 else
28 return false;
29 }
30 else
31 return retval; //first login was successful
32 }
33
34 private bool AutoUnlockUser(string username)
35 {
36 MembershipUser mu = Membership.GetUser(username, false);
37 if ((mu != null) &&
38 (mu.IsLockedOut) &&
39 (mu.LastLockoutDate.ToUniversalTime().AddMinutes(
40 autoUnlockTimeout)
41 < DateTime.UtcNow)
42 )
43 {
44 bool retval = mu.UnlockUser();
45 if (retval)
46 return true;
47 else
48 return false; //something went wrong with the unlock
49 }
50 else
51 return false; //not locked out in the first place
52 //or still in lockout period
53 }
54 }
2 using System.Web.Security;
3 public class AutoUnlockProvider :SqlMembershipProvider
4 {
5 private int autoUnlockTimeout = 2; //Default to 60 minutes
6 public override void Initialize(string name,
7 System.Collections.Specialized.NameValueCollection config)
8 {
9 string sunlockTimeOut = config["autoUnlockTimeout"];
10 if (!String.IsNullOrEmpty(sunlockTimeOut))
11 autoUnlockTimeout = Int32.Parse(sunlockTimeOut);
12 config.Remove("autoUnlockTimeout");
13 base.Initialize(name, config);
14 }
15
16 //other provider overrides
17 public override bool ValidateUser(string username, string password)
18 {
19 bool retval =Membership.ValidateUser(username, password);
20 //The account may be locked out at this point
21 if (retval == false)
22 {
23 bool successfulUnlock = AutoUnlockUser(username);
24 if (successfulUnlock)
25 //re-attempt the login
26 return Membership.ValidateUser(username, password);
27 else
28 return false;
29 }
30 else
31 return retval; //first login was successful
32 }
33
34 private bool AutoUnlockUser(string username)
35 {
36 MembershipUser mu = Membership.GetUser(username, false);
37 if ((mu != null) &&
38 (mu.IsLockedOut) &&
39 (mu.LastLockoutDate.ToUniversalTime().AddMinutes(
40 autoUnlockTimeout)
41 < DateTime.UtcNow)
42 )
43 {
44 bool retval = mu.UnlockUser();
45 if (retval)
46 return true;
47 else
48 return false; //something went wrong with the unlock
49 }
50 else
51 return false; //not locked out in the first place
52 //or still in lockout period
53 }
54 }
login.aspx中需要用自己写的类中的方法来验证用户。
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
if (new AutoUnlockProvider().ValidateUser(Login1.UserName, Login1.Password))
{
if (new AutoUnlockProvider().ValidateUser(Login1.UserName, Login1.Password))
欢迎交流。