Fixed reset password for functionality

2020-08-31 13:39:29 +02:00
parent 30b1d52e67
commit 4a150859cd
5 changed files with 20 additions and 16 deletions
--- a/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs
@@ -53,6 +53,7 @@ namespace Umbraco.Web.BackOffice.Controllers
        private readonly IEmailSender _emailSender;
        private readonly Core.Hosting.IHostingEnvironment _hostingEnvironment;
        private readonly IRequestAccessor _requestAccessor;
+        private readonly LinkGenerator _linkGenerator;

        // TODO: We need to import the logic from Umbraco.Web.Editors.AuthenticationController
        // TODO: We need to review all _userManager.Raise calls since many/most should be on the usermanager or signinmanager, very few should be here
@@ -71,7 +72,8 @@ namespace Umbraco.Web.BackOffice.Controllers
            IUserPasswordConfiguration passwordConfiguration,
            IEmailSender emailSender,
            Core.Hosting.IHostingEnvironment hostingEnvironment,
-            IRequestAccessor requestAccessor)
+            IRequestAccessor requestAccessor,
+            LinkGenerator linkGenerator)
        {
            _webSecurity = webSecurity;
            _userManager = backOfficeUserManager;
@@ -87,6 +89,7 @@ namespace Umbraco.Web.BackOffice.Controllers
            _emailSender = emailSender;
            _hostingEnvironment = hostingEnvironment;
            _requestAccessor = requestAccessor;
+            _linkGenerator = linkGenerator;
        }

        /// <summary>
@@ -438,11 +441,10 @@ namespace Umbraco.Web.BackOffice.Controllers
        private string ConstructCallbackUrl(int userId, string code)
        {
            // Get an mvc helper to get the url
-            var urlHelper = new UrlHelper(ControllerContext);
-            var action = urlHelper.Action(nameof(BackOfficeController.ValidatePasswordResetCode), ControllerExtensions.GetControllerName<BackOfficeController>(),
+            var action = _linkGenerator.GetPathByAction(nameof(BackOfficeController.ValidatePasswordResetCode), ControllerExtensions.GetControllerName<BackOfficeController>(),
                new
                {
-                    area = _globalSettings.GetUmbracoMvcArea(_hostingEnvironment),
+                    area = Constants.Web.Mvc.BackOfficeArea,
                    u = userId,
                    r = code
                });
--- a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
@@ -14,6 +14,7 @@ using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Grid;
 using Umbraco.Core.Hosting;
 using Umbraco.Core.Logging;
+using Umbraco.Core.Serialization;
 using Umbraco.Core.Services;
 using Umbraco.Core.WebAssets;
 using Umbraco.Extensions;
@@ -45,6 +46,7 @@ namespace Umbraco.Web.BackOffice.Controllers
        private readonly BackOfficeSignInManager _signInManager;
        private readonly IWebSecurity _webSecurity;
        private readonly ILogger _logger;
+        private readonly IJsonSerializer _jsonSerializer;

        public BackOfficeController(
            BackOfficeUserManager userManager,
@@ -58,7 +60,8 @@ namespace Umbraco.Web.BackOffice.Controllers
            AppCaches appCaches,
            BackOfficeSignInManager signInManager,
            IWebSecurity webSecurity,
-            ILogger logger)
+            ILogger logger,
+            IJsonSerializer jsonSerializer)

        {
            _userManager = userManager;
@@ -73,6 +76,7 @@ namespace Umbraco.Web.BackOffice.Controllers
            _signInManager = signInManager;
            _webSecurity = webSecurity;
            _logger = logger;
+            _jsonSerializer = jsonSerializer;
        }

        [HttpGet]
@@ -80,7 +84,7 @@ namespace Umbraco.Web.BackOffice.Controllers
        {
            var viewPath = Path.Combine(_globalSettings.UmbracoPath , Constants.Web.Mvc.BackOfficeArea, nameof(Default) + ".cshtml")
                .Replace("\\", "/"); // convert to forward slashes since it's a virtual path
-            
+
            return await RenderDefaultOrProcessExternalLoginAsync(
                () => View(viewPath),
                () => View(viewPath));
@@ -250,11 +254,11 @@ namespace Umbraco.Web.BackOffice.Controllers
            var user = await _userManager.FindByIdAsync(userId.ToString());
            if (user != null)
            {
-                var result = await _userManager.VerifyUserTokenAsync(user, "ResetPassword", "ResetPassword", resetCode);
+                var result = await _userManager.VerifyUserTokenAsync(user, "Default", "ResetPassword", resetCode);
                if (result)
                {
                    //Add a flag and redirect for it to be displayed
-                    TempData[ViewDataExtensions.TokenPasswordResetCode] = new ValidatePasswordResetCodeModel { UserId = userId, ResetCode = resetCode };
+                    TempData[ViewDataExtensions.TokenPasswordResetCode] =  _jsonSerializer.Serialize(new ValidatePasswordResetCodeModel { UserId = userId, ResetCode = resetCode });
                    return RedirectToLocal(Url.Action("Default", "BackOffice"));
                }
            }
--- a/src/Umbraco.Web.BackOffice/Extensions/HtmlHelperBackOfficeExtensions.cs
+++ b/src/Umbraco.Web.BackOffice/Extensions/HtmlHelperBackOfficeExtensions.cs
@@ -112,12 +112,13 @@ namespace Umbraco.Extensions
        /// <returns></returns>
        public static IHtmlContent AngularValueResetPasswordCodeInfoScript(this IHtmlHelper html, object val)
        {
+            if (val is null) return html.Raw(string.Empty);
+
            var sb = new StringBuilder();
            sb.AppendLine();
            sb.AppendLine(@"var errors = [];");

-            var errors = val as IEnumerable<string>;
-            if (errors != null)
+            if (val is IEnumerable<string> errors)
            {
                foreach (var error in errors)
                {
@@ -125,13 +126,10 @@ namespace Umbraco.Extensions
                }
            }

-            var resetCodeModel = val as ValidatePasswordResetCodeModel;
-
-
            sb.AppendLine(@"app.value(""resetPasswordCodeInfo"", {");
            sb.AppendLine(@"errors: errors,");
            sb.Append(@"resetCodeModel: ");
-            sb.AppendLine(JsonConvert.SerializeObject(resetCodeModel));
+            sb.AppendLine(val.ToString());
            sb.AppendLine(@"});");

            return html.Raw(sb.ToString());
--- a/src/Umbraco.Web.UI.NetCore/umbraco/UmbracoBackOffice/AuthorizeUpgrade.cshtml
+++ b/src/Umbraco.Web.UI.NetCore/umbraco/UmbracoBackOffice/AuthorizeUpgrade.cshtml
@@ -59,7 +59,7 @@
    document.angularReady = function (app) {

        @await Html.AngularValueExternalLoginInfoScriptAsync(signInManager, ViewData.GetExternalSignInError())
-        @Html.AngularValueResetPasswordCodeInfoScript(ViewData["PasswordResetCode"])
+        @Html.AngularValueResetPasswordCodeInfoScript(ViewData[ViewDataExtensions.TokenPasswordResetCode])

    }
    </script>
--- a/src/Umbraco.Web.UI.NetCore/umbraco/UmbracoBackOffice/Default.cshtml
+++ b/src/Umbraco.Web.UI.NetCore/umbraco/UmbracoBackOffice/Default.cshtml
@@ -107,7 +107,7 @@
    <script>
        document.angularReady = function(app) {
            @await Html.AngularValueExternalLoginInfoScriptAsync(signInManager, ViewData.GetExternalSignInError())
-            @Html.AngularValueResetPasswordCodeInfoScript(ViewData["PasswordResetCode"])
+            @Html.AngularValueResetPasswordCodeInfoScript(ViewData[ViewDataExtensions.TokenPasswordResetCode])
            @await Html.AngularValueTinyMceAssetsAsync(runtimeMinifier)
            //required for the noscript trick
            document.getElementById("mainwrapper").style.display = "inherit";