我正在尝试使用ASP.NET创建登录页面。我想在3次登录尝试失败后阻止用户5分钟。我没有在我的页面中使用登录控件,所以我想我不能使用会员提供商。我想做的是以下几点:
以下是我在没有实现这些内容的情况下编写的代码。有人可以帮我整合它们吗?谢谢!
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Data.SqlClient;
using System.Configuration;
using System.Data;
using BCryptLibrary;
using System.Web.Security;
namespace BootstrapRegisterLogin
{
public partial class Login : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void Button1_Click(object sender, EventArgs e)
{
String CS = ConfigurationManager.ConnectionStrings["MyDatabaseConectionString1"].ConnectionString;
using (SqlConnection con = new SqlConnection(CS))
{
using (SqlCommand verifica = new SqlCommand())
{
con.Open();
verifica.CommandText = "select * from [Users] where Username=@nume_ut";
verifica.Parameters.Add("@nume_ut", UserName.Text);
verifica.Connection = con;
verifica.ExecuteNonQuery();
using (SqlDataReader rd = verifica.ExecuteReader())
{
while (rd.Read())
{
if (Hasher.ValidatePassword(Password.Text, rd[2].ToString()))
{
con.Close();
SqlDataAdapter sda = new SqlDataAdapter(verifica);
DataTable dt = new DataTable();
sda.Fill(dt);
if (dt.Rows.Count != 0)
{
string Utype;
Utype = dt.Rows[0][6].ToString().Trim();
if (Utype == "U")
{
Session["USERNAME"] = UserName.Text;
Response.Redirect("~/UserHome.aspx");
}
if (Utype == "A")
{
Session["USERNAME"] = UserName.Text;
Response.Redirect("~/AdminHome.aspx");
}
}
}
else
{
lblError.Text = "Username sau parola invalide";
}
}
}
}
}
}
}
}