How to use session to allow user enter 3 login attempt failed account or password ?

Question

1.00/5 (1 vote)

See more:

I work on web application asp.net mvc core .net 5 i can't modify action login

to accept 3 login attempt failed only .

if he try with wrong password or wrong email account after that then block it .

so how to using session to allow user enter three time password wrong

after three time account will blocked

can you help me by solution general working as session without using identity membership so i can use it on another login or another logic

What I have tried:

[HttpPost]
   public async Task<IActionResult> Login(LoginVM loginVM)
   {
    if (!ModelState.IsValid) return View(loginVM);

    var user = await _userManager.FindByEmailAsync(loginVM.EmailAddress);
    if(user != null)
    {
        var passwordCheck = await _userManager.CheckPasswordAsync(user, loginVM.Password);
        if (passwordCheck)
        {
            var result = await _signInManager.PasswordSignInAsync(user, loginVM.Password, false, false);
            if (result.Succeeded)
            {
                return RedirectToAction("Index", "Movies");
            }
        }
        TempData["Error"] = "Wrong credentials. Please, try again!";
        return View(loginVM);
    }

    TempData["Error"] = "Wrong credentials. Please, try again!";
    return View(loginVM);
}

Posted 1-Dec-22 12:36pm

ahmed_sa

Updated 1-Dec-22 23:03pm

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Richard Deeming · Accepted Answer · 2022-12-01T23:03:00

Solution 1

Configure ASP.NET Core Identity | Microsoft Learn[^]

The documentation clearly describes how to enable, configure, and use the lockout feature.

Posted 1-Dec-22 23:03pm

Richard Deeming