Revert "FIxes more of the auth procedure"

Signed-off-by: Bjarke Berg <mail@bergmania.dk>
2020-11-27 13:15:54 +01:00
parent ec6ac41e56
commit 348f69734b
2 changed files with 5 additions and 10 deletions
--- a/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
@@ -216,7 +216,7 @@ namespace Umbraco.Web.BackOffice.Controllers
                return 0;
            }

-            var remainingSeconds = result.Principal.GetRemainingAuthSeconds();
+            var remainingSeconds = HttpContext.User.GetRemainingAuthSeconds();
            if (remainingSeconds <= 30)
            {
                var username = result.Principal.FindFirst(ClaimTypes.Name)?.Value;
@@ -572,17 +572,13 @@ namespace Umbraco.Web.BackOffice.Controllers
        /// </summary>
        /// <returns></returns>
        [ValidateAngularAntiForgeryToken]
-        public async Task<IActionResult> PostLogout()
+        public IActionResult PostLogout()
        {
-            // force authentication to occur since this is not an authorized endpoint
-            var result = await HttpContext.AuthenticateAsync(Constants.Security.BackOfficeAuthenticationType);
-            if (!result.Succeeded) return Ok();
-
-            await _signInManager.SignOutAsync();
+            HttpContext.SignOutAsync(Constants.Security.BackOfficeAuthenticationType);

            _logger.LogInformation("User {UserName} from IP address {RemoteIpAddress} has logged out", User.Identity == null ? "UNKNOWN" : User.Identity.Name, HttpContext.Connection.RemoteIpAddress);

-            var userId = int.Parse(result.Principal.Identity.GetUserId());
+            var userId = int.Parse(User.Identity.GetUserId());
            var args = _userManager.RaiseLogoutSuccessEvent(User, userId);
            if (!args.SignOutRedirectUrl.IsNullOrWhiteSpace())
            {
--- a/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs
+++ b/src/Umbraco.Web.BackOffice/Security/BackOfficeSignInManager.cs
@@ -200,8 +200,7 @@ namespace Umbraco.Web.Common.Security

            await Context.SignOutAsync(Constants.Security.BackOfficeAuthenticationType);
            await Context.SignOutAsync(Constants.Security.BackOfficeExternalAuthenticationType);
-            // TODO: Put this back in when we implement it
-            //await Context.SignOutAsync(Constants.Security.BackOfficeTwoFactorAuthenticationType);
+            await Context.SignOutAsync(Constants.Security.BackOfficeTwoFactorAuthenticationType);
        }