diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index ac9e8d0d52..1fecfdcf23 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs @@ -136,7 +136,7 @@ namespace Umbraco.Web.Editors if (attempt == ValidateRequestAttempt.Success) { return true; - } + } return false; } @@ -219,17 +219,15 @@ namespace Umbraco.Web.Editors //Sign the user in with username/password, this also gives a chance for developers to //custom verify the credentials and auto-link user accounts with a custom IBackOfficePasswordChecker var result = await SignInManager.PasswordSignInAsync( - loginModel.Username, loginModel.Password, isPersistent: true, shouldLockout: true); - + loginModel.Username, loginModel.Password, isPersistent: true, shouldLockout: true); + switch (result) { case SignInStatus.Success: //get the user var user = Services.UserService.GetByUsername(loginModel.Username); - - if (UserManager != null) - UserManager.RaiseLoginSuccessEvent(user.Id); + UserManager.RaiseLoginSuccessEvent(user.Id); return SetPrincipalAndReturnUserDetail(user); case SignInStatus.RequiresVerification: @@ -239,10 +237,10 @@ namespace Umbraco.Web.Editors { throw new HttpResponseException( Request.CreateErrorResponse( - HttpStatusCode.BadRequest, + HttpStatusCode.BadRequest, "UserManager does not implement " + typeof(IUmbracoBackOfficeTwoFactorOptions))); - } - + } + var twofactorView = twofactorOptions.GetTwoFactorView( TryGetOwinContext().Result, UmbracoContext, 
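Review bot: In the `@@ -219,17 +219,15 @@` hunk, `user.Id` is read on the line right after `Services.UserService.GetByUsername(loginModel.Username)` with no null check, so a lookup that returns nothing turns a successful sign-in into a NullReferenceException instead of a controlled response. This could presumably happen with the custom password checkers and auto-linked accounts the comment above mentions, if the stored username differs from the submitted one. A guard such as `if (user == null) throw new HttpResponseException(HttpStatusCode.Unauthorized);` before `UserManager.RaiseLoginSuccessEvent(user.Id);` would keep the failure explicit. The same unguarded pattern appears with `attemptedUser.Id` in the `@@ -256,17 +254,16 @@` hunk and with `user.Id` in the `@@ -376,27 +372,23 @@` hunk. The switch continues outside this hunk.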
@@ -256,17 +254,16 @@ namespace Umbraco.Web.Editors typeof(IUmbracoBackOfficeTwoFactorOptions) + ".GetTwoFactorView returned an empty string")); } - var attemptedUser = Services.UserService.GetByUsername(loginModel.Username); - - //create a with information to display a custom two factor send code view + var attemptedUser = Services.UserService.GetByUsername(loginModel.Username); + + //create a with information to display a custom two factor send code view var verifyResponse = Request.CreateResponse(HttpStatusCode.PaymentRequired, new { twoFactorView = twofactorView, userId = attemptedUser.Id }); - if (UserManager != null) - UserManager.RaiseLoginRequiresVerificationEvent(attemptedUser.Id); + UserManager.RaiseLoginRequiresVerificationEvent(attemptedUser.Id); return verifyResponse; @@ -304,19 +301,18 @@ namespace Umbraco.Web.Editors var code = await UserManager.GeneratePasswordResetTokenAsync(identityUser.Id); var callbackUrl = ConstructCallbackUrl(identityUser.Id, code); - var message = Services.TextService.Localize("resetPasswordEmailCopyFormat", - //Ensure the culture of the found user is used for the email! + var message = Services.TextService.Localize("resetPasswordEmailCopyFormat", + //Ensure the culture of the found user is used for the email! UserExtensions.GetUserCulture(identityUser.Culture, Services.TextService), new[] { identityUser.UserName, callbackUrl }); await UserManager.SendEmailAsync(identityUser.Id, - Services.TextService.Localize("login/resetPasswordEmailCopySubject", - //Ensure the culture of the found user is used for the email! + Services.TextService.Localize("login/resetPasswordEmailCopySubject", + //Ensure the culture of the found user is used for the email! UserExtensions.GetUserCulture(identityUser.Culture, Services.TextService)), message); - if (UserManager != null) - UserManager.RaiseForgotPasswordRequestedEvent(user.Id); + UserManager.RaiseForgotPasswordRequestedEvent(user.Id); } } 
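Review bot: In the `@@ -304,19 +301,18 @@` hunk, `UserManager.RaiseForgotPasswordRequestedEvent(user.Id)` runs only after `await UserManager.SendEmailAsync(...)` returns, so if sending the mail throws, a reset token already created by `GeneratePasswordResetTokenAsync` leaves no audit event. Raising the event directly after the token is generated, or in a `finally` around the send, would keep the audit trail complete. The call also passes `user.Id` while every neighbouring line uses `identityUser.Id`. Assuming both carry the same value, `UserManager.RaiseForgotPasswordRequestedEvent(identityUser.Id);` makes it obvious that the event is for the account the token was issued to. The enclosing method starts outside the hunk.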
@@ -376,27 +372,23 @@ namespace Umbraco.Web.Editors throw new HttpResponseException(HttpStatusCode.NotFound); } - var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: true, rememberBrowser: false); - + var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, isPersistent: true, rememberBrowser: false); + var user = Services.UserService.GetByUsername(userName); switch (result) { case SignInStatus.Success: - if (UserManager != null) - UserManager.RaiseLoginSuccessEvent(user.Id); - + UserManager.RaiseLoginSuccessEvent(user.Id); return SetPrincipalAndReturnUserDetail(user); case SignInStatus.LockedOut: - if (UserManager != null) - UserManager.RaiseAccountLockedEvent(user.Id); - - return Request.CreateValidationErrorResponse("User is locked out"); + UserManager.RaiseAccountLockedEvent(user.Id); + return Request.CreateValidationErrorResponse("User is locked out"); case SignInStatus.Failure: default: return Request.CreateValidationErrorResponse("Invalid code"); } - } - + } + /// /// Processes a set password request. Validates the request and sets a new password. /// @@ -430,8 +422,7 @@ namespace Umbraco.Web.Editors } } - if (UserManager != null) - UserManager.RaiseForgotPasswordChangedSuccessEvent(model.UserId); + UserManager.RaiseForgotPasswordChangedSuccessEvent(model.UserId); return Request.CreateResponse(HttpStatusCode.OK); } return Request.CreateValidationErrorResponse( @@ -492,7 +483,7 @@ namespace Umbraco.Web.Editors // Get an mvc helper to get the url var http = EnsureHttpContext(); var urlHelper = new UrlHelper(http.Request.RequestContext); - var action = urlHelper.Action("ValidatePasswordResetCode", "BackOffice", + var action = urlHelper.Action("ValidatePasswordResetCode", "BackOffice", new { area = GlobalSettings.UmbracoMvcArea, 
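Review bot: In the `@@ -376,27 +372,23 @@` hunk the `SignInStatus.Failure`/`default` branch returns `"Invalid code"` without raising any event, while `Success` and `LockedOut` both raise one. Repeated wrong second-factor codes therefore stay invisible to anyone subscribing to these events until a lockout occurs. If UserManager exposes (or can be given) a failed-login event, raise it here before the return, and add a short comment on the branch stating that rejected codes are audited. The failure path visible at the end of the `@@ -430,8 +422,7 @@` hunk looks like it has the same gap, though that method continues outside the hunk.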
@@ -504,19 +495,19 @@ namespace Umbraco.Web.Editors var applicationUri = new Uri(ApplicationContext.UmbracoApplicationUrl); var callbackUri = new Uri(applicationUri, action); return callbackUri.ToString(); - } - - + } + + private HttpContextBase EnsureHttpContext() { var attempt = this.TryGetHttpContext(); if (attempt.Success == false) throw new InvalidOperationException("This method requires that an HttpContext be active"); return attempt.Result; - } - - - + } + + + private void AddModelErrors(IdentityResult result, string prefix = "") { foreach (var error in result.Errors)