Geek Answers Handbook

Mvc generate captcha after failed login attempt

so I was able to get my recaptcha work to work, but my problem is that I want it to appear only after 3 attempts. one of the options that I have is to redirect the user to a view that will already have an identifier (duplicate login, but using captcha), and then log in through this page. is there any other option? I feel that partial views can cause problems with the message on the page. What do you think is the best way to create a captcha?

<% using(Html.BeginForm()) {%> <%: Html.AntiForgeryToken() %> <%: Html.ValidationSummary() %> <label>Username:</label> <%: Html.TextBoxFor(m => m.Username) %> <br /><br /> <label>Password:</label> <%: Html.PasswordFor(m => m.Password) %> <br /><br /> <input type="submit" value="Login" /> <%: Html.ActionLink("Register", "Register", "") %> <%: Html.ActionLink("Forgot Password", "Password", "") %> <%: Html.ActionLink("Forgot Username", "Username", "") %> <%: ReCaptcha.GetHtml(publicKey: "thisismykey", theme: "red") %> <% } %>

thanking G

+2
asp.net-mvc captcha recaptcha partial-views
source share
1 answer

You pass the model (hopefully ViewModel). Why not add NumberOfFailedLogins to it?

Then you could just put some code around Recaptcha saying

 <%: if (Model.NumberofFailedLogins > 3) { %> <%: ReCaptcha.GetHtml(publicKey: "thisismykey", theme: "red") %> <% } %>

NOTE. I use Razor syntax, so I apologize if the above is not ideal. I'm sure you got this idea!

Obviously, you need to update NumberOfFailedLogins backstage!

EDIT: Just to clarify, the number of failed login attempts should be recorded in the membership database backstage automatically (the action of the login attempt should do this, note that the ASP.NET Membership Provider automatically records the number of consecutive failed login attempts out of the box), and it is from there that the ViewModel gets this information. Therefore, it doesn’t matter if you use a bot to try to harm your path, it can still be represented using ReCaptcha after three attempts (and, of course, it can be blocked if necessary).

+3
source share

More articles:


All Articles