使用C#锁定ASP.Net 4.0中的帐户 [英] Lock Account in ASP.Net 4.0 with C#

问题描述

大家好，再次返回.在我的代码中，我捕获了3次失败的登录尝试.之后，用户将被重定向到通知他们与我们联系的页面.在那段代码中，有什么方法可以锁定帐户?我当时正在考虑以某种方式使用SessionId.
用户必须输入用户名和密码，因此，如果他们输入错误的用户名，我将无法按名称跟踪该用户.我没有使用ASP.NET网站管理员.工具.我们正在使用数据库对用户进行身份验证.谢谢您的投入.

D-Bar

Hi All, Back again. In my code I am capturing 3 failed login attempts. After which the user gets redirected to a page notifying them to contact us. Is there a way in that section of code to lock account? I was thinking of using SessionId somehow.
The user must enter username and password, so if they mistype their username I can''t keep track of that user by name. I am not using ASP.NET Web Site Admin. Tool. We are using database to authenticate the users. Thank-you for any input.

D-Bar

推荐答案

在用户凭据数据库中再添加两个列，一个是lockUser(整数和初始值0)，另一个是LockTimeStamp(日期时间). >
通过其凭据(用户名和密码)对用户进行身份验证.如果失败，则检查用户名是否与数据库用户名匹配.如果是，则将lockUser值增加1，直到达到3.一旦达到，您就知道要做什么.

您需要确定两次失败尝试之间的持续时间，该用户尝试在30分钟后重新登录，然后您就不能再尝试第二次失败尝试了.这可能是第一次尝试.以及您要实现的方法以及如何实现:)

让我们暂时花5分钟.

当您想查看连续3次尝试失败时，请参见LockTimeStamp列.每次用户登录失败时，您都将增加lockUser值，并将当前的DateTime放入LockTimeStamp中.因此，下一次失败的尝试时间可以与以前的时间戳进行比较，根据该时间戳是何时发生的，您可以增加lcck的值，或者只是更新LockTimpeStamp并重新将lockUser列初始化为0.

用户成功登录后，只需清除两列即可.

如果用户尝试在5分钟后登录，则lockUser将为0，当前日期时间将为
是LockTimeStamp的值.

如果用户在用户名中输入拼写错误，您将无法做很多事情.顺其自然:)

到达第3页后，您可以重定向到另一页并重新初始化两列的值.

该解决方案可能存在一些陷阱，您认为深入的话它将越走越好..
它可以让您早日解决问题.

希望这会有所帮助:)

Add two more coloumns in the User credentials database, One is lockUser (int & initial value 0) & Another LockTimeStamp (DateTime).

Authenticate user by their credentials(User Name & Password).. if it fails then check User Name is matching with Database UserNames. If it is then increase the lockUser value by one, till it reaches to 3. once it reaches to it you know what to do.

you need to decide time duration between failed attempt, it user tries to re-login after 30 mins then you cant take as second failed attempt. it could be first attempt. well its up to you what you want implement & how :)

Lets take 5 mins for a time being.

see LockTimeStamp column is useful when you want to see continuous failed 3 attempts, Every time user failed to login at that time you will increasing the lockUser value as well as put the current DateTime in the LockTimeStamp. so next failed attempt time you can check with previously timestamp, when did that happened according to that you can increase value of lcck or just update the LockTimpeStamp & reinitialize the lockUser column to 0.

When User login successfully, Just clear the both columns.

If user tries to login after 5 mins then lockUser will be 0 & current Date Time will
be LockTimeStamp''s value.

You cant do much if user making spelling mistake in the username. Let it be :)

Once reached it to the 3, you can redirect to your another page & just reinitialize the both columns value.

This solution could be having some pitfalls, The deep you think the more it will go..
It could give you head start to your problem.

Hope this helps :)

这篇关于使用C#锁定ASP.Net 4.0中的帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！