Try our conversational search powered by Generative AI!

AI OnAI Off

Detect CMS login

James Wilkinson
James Wilkinson
Vote:
 

Hello,

Forgive me if this is a simple query or something I've missed.

I'm trying to record login activity for all CMS users. But I couldn't see any way to retrieve user login history, as there doesn't appear to be a global "OnUserLogin" event that I can hook into. And unless I'm mistaking, I don't think there is in the SqlMembershipProvider libary either.

Has anyone tackled this previously? I'd imagine it's a fairly regular use case to maintain a record of login history for auditing.

Thanks.

#197950
Edited, Oct 17, 2018 19:02
Vote:
 

Login is not really part of the product so I think there is nothing built-in.

You could replace and disable the default login page and make your own where you log login history.

Another option is to add an INSERT statment to the appropriate aspnet_Membership_* stored procedure. I don't think they have ever been changed.

#197951
Oct 17, 2018 19:53
Scott Reed
Scott Reed
Vote:
 

If you're using asp.net identity which is the OOTB providoer or even the owin provider with the standard CookingAuthenticationOptions there's an event you can hook in to for when a user logs int hat allows you to get the login of the user and the associated claims.

Check out the example below where the OnResponseSignIn = METHOD

 // Use cookie authentication
            app.UseCookieAuthentication(new CookieAuthenticationOptions
            {
                AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
                LoginPath = new PathString(LoginPath),
                Provider = new CookieAuthenticationProvider
                {
                    // If the "/util/login.aspx" has been used for login otherwise you don't need it you can remove OnApplyRedirect.
                    OnApplyRedirect = cookieApplyRedirectContext =>
                    {
                        app.CmsOnCookieApplyRedirect(cookieApplyRedirectContext, cookieApplyRedirectContext.OwinContext.Get<ApplicationSignInManager<ApplicationUser>>());
                    },

                    // Enables the application to validate the security stamp when the user logs in.
                    // This is a security feature which is used when you change a password or add an external login to your account.
                    OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<ApplicationUserManager<ApplicationUser>, ApplicationUser>(
                        validateInterval: TimeSpan.FromMinutes(30),
                        regenerateIdentity: (manager, user) => manager.GenerateUserIdentityAsync(user)),
                    OnResponseSignedIn = OnResponseSignedIn
                }
            });

Just create a method to handle this such as 

        /// <summary>
        /// Called when the user has signed in.
        /// </summary>
        /// <param name="cookieResponseSignedInContext">The cookie response signed in context.</param>
        private void OnResponseSignedIn(CookieResponseSignedInContext cookieResponseSignedInContext)
        {
}
#198004
Edited, Oct 18, 2018 16:39
* You are NOT allowed to include any hyperlinks in the post because your account hasn't associated to your company. User profile should be updated.