Merge remote-tracking branch 'origin/netcore/netcore' into netcore/bugfix/reset_password

# Conflicts: # src/Umbraco.Web.BackOffice/Controllers/AuthenticationController.cs # src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
2020-09-22 19:35:49 +02:00
parent 7b465de164 0ea251945b
commit 60424dd54f
888 changed files with 13547 additions and 13855 deletions
--- a/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/BackOfficeController.cs
@@ -5,15 +5,17 @@ using System.IO;
 using System.Linq;
 using System.Threading;
 using System.Threading.Tasks;
-using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
 using Umbraco.Core;
 using Umbraco.Core.BackOffice;
 using Umbraco.Core.Cache;
 using Umbraco.Core.Configuration;
 using Umbraco.Core.Configuration.Grid;
+using Umbraco.Core.Configuration.Models;
 using Umbraco.Core.Hosting;
 using Umbraco.Core.Logging;
+using Umbraco.Core.Security;
 using Umbraco.Core.Serialization;
 using Umbraco.Core.Services;
 using Umbraco.Core.WebAssets;
@@ -30,51 +32,49 @@ using Constants = Umbraco.Core.Constants;

 namespace Umbraco.Web.BackOffice.Controllers
 {
-
+    //[UmbracoRequireHttps] //TODO Reintroduce
+    [DisableBrowserCache]
    [PluginController(Constants.Web.Mvc.BackOfficeArea)]
    public class BackOfficeController : Controller
    {
-        private readonly BackOfficeUserManager _userManager;
+        private readonly IBackOfficeUserManager _userManager;
        private readonly IRuntimeMinifier _runtimeMinifier;
-        private readonly IGlobalSettings _globalSettings;
+        private readonly GlobalSettings _globalSettings;
        private readonly IHostingEnvironment _hostingEnvironment;
-        private readonly IUmbracoContextAccessor _umbracoContextAccessor;
        private readonly ILocalizedTextService _textService;
        private readonly IGridConfig _gridConfig;
        private readonly BackOfficeServerVariables _backOfficeServerVariables;
        private readonly AppCaches _appCaches;
        private readonly BackOfficeSignInManager _signInManager;
-        private readonly IWebSecurity _webSecurity;
+        private readonly IBackofficeSecurityAccessor _backofficeSecurityAccessor;
        private readonly ILogger _logger;
        private readonly IJsonSerializer _jsonSerializer;

        public BackOfficeController(
-            BackOfficeUserManager userManager,
+            IBackOfficeUserManager userManager,
            IRuntimeMinifier runtimeMinifier,
-            IGlobalSettings globalSettings,
+            IOptions<GlobalSettings> globalSettings,
            IHostingEnvironment hostingEnvironment,
-            IUmbracoContextAccessor umbracoContextAccessor,
            ILocalizedTextService textService,
            IGridConfig gridConfig,
            BackOfficeServerVariables backOfficeServerVariables,
            AppCaches appCaches,
            BackOfficeSignInManager signInManager,
-            IWebSecurity webSecurity,
+            IBackofficeSecurityAccessor backofficeSecurityAccessor,
            ILogger logger,
            IJsonSerializer jsonSerializer)

        {
            _userManager = userManager;
            _runtimeMinifier = runtimeMinifier;
-            _globalSettings = globalSettings;
+            _globalSettings = globalSettings.Value;
            _hostingEnvironment = hostingEnvironment;
-            _umbracoContextAccessor = umbracoContextAccessor;
            _textService = textService;
            _gridConfig = gridConfig ?? throw new ArgumentNullException(nameof(gridConfig));
            _backOfficeServerVariables = backOfficeServerVariables;
            _appCaches = appCaches;
            _signInManager = signInManager;
-            _webSecurity = webSecurity;
+            _backofficeSecurityAccessor = backofficeSecurityAccessor;
            _logger = logger;
            _jsonSerializer = jsonSerializer;
        }
@@ -96,7 +96,7 @@ namespace Umbraco.Web.BackOffice.Controllers
            //if you are hitting VerifyInvite, you're already signed in as a different user, and the token is invalid
            //you'll exit on one of the return RedirectToAction(nameof(Default)) but you're still logged in so you just get
            //dumped at the default admin view with no detail
-            if (_webSecurity.IsAuthenticated())
+            if (_backofficeSecurityAccessor.BackofficeSecurity.IsAuthenticated())
            {
                await _signInManager.SignOutAsync();
            }
@@ -189,7 +189,7 @@ namespace Umbraco.Web.BackOffice.Controllers
        [HttpGet]
        public Dictionary<string, Dictionary<string, string>> LocalizedText(string culture = null)
        {
-            var isAuthenticated = _webSecurity.IsAuthenticated();
+            var isAuthenticated = _backofficeSecurityAccessor.BackofficeSecurity.IsAuthenticated();

            var cultureInfo = string.IsNullOrWhiteSpace(culture)
                //if the user is logged in, get their culture, otherwise default to 'en'