I have a service that locks the user from doing actions on an Id, called "LockingService",
I also have 2 different things that need to be locked:
- (MembershipService) Login - if a user tried to login with a membership number more than 3 times - the membership number is locked.
- (OtherService) If a user tried to put invalid credentials - their session is locked.
The service doesn't distinguish the two.
Described is one of the flows (for the login) that currently exists on the controller:
if(LockingService.IsLocked(membershipNumber))
return View(dto);
if(MembershipService.login(membershipNumber)) {
... some actions that always
return dto;
}
else {
LockingService.AddToFailedAttempts(membershipNumber);
return dto; // with errors
}
I believe this flow an logic should not reside in the controller.
Suggestions of general comments would be much appreciated.
Thanks.
Aucun commentaire:
Enregistrer un commentaire