我想表明一個錯誤給用戶後5失敗的登錄嘗試,然後鎖定了她,我設置在web.config中鎖定用戶之後五次失敗的登錄嘗試,並顯示在MVC3錯誤Asp.net
maxInvalidPasswordAttempts="5"
現在我想檢查LogOn控制器中的用戶登錄嘗試,並且如果此參數超過5則發送錯誤,我如何計算用戶登錄嘗試並檢查它? 這裏是我的控制器:
//
// GET: /Account/LogOn
public ActionResult LogOn()
{
return View();
}
//
// POST: /Account/LogOn
[HttpPost]
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (Membership.ValidateUser(model.UserName, model.Password))
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
if (Url.IsLocalUrl(returnUrl) && returnUrl.Length > 1 && returnUrl.StartsWith("/")
&& !returnUrl.StartsWith("//") && !returnUrl.StartsWith("/\\"))
{
return Redirect(returnUrl);
}
else
{
return RedirectToAction("Index", "Home");
}
}
else
{
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
想要阻止連續登錄?或從一個IP? –