diff --git a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umblogin.directive.js b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umblogin.directive.js index 672a00e27c..7fb75c45e6 100644 --- a/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umblogin.directive.js +++ b/src/Umbraco.Web.UI.Client/src/common/directives/components/application/umblogin.directive.js @@ -16,7 +16,6 @@ function UmbLoginController($scope, $location, currentUserResource, formHelper, mediaHelper, umbRequestHelper, Upload, localizationService, userService, externalLoginInfo, resetPasswordCodeInfo, $timeout, authResource, $q) { const vm = this; - let twoFactorloginDialog = null; vm.invitedUser = null; @@ -69,7 +68,9 @@ ).then(function (data) { vm.labels.usernameLabel = data[0]; vm.labels.usernamePlaceholder = data[1]; - }) + }); + + vm.twoFactor = {}; function onInit() { @@ -187,15 +188,18 @@ vm.view = "set-password"; } - function loginSubmit(login, password) { - + function loginSubmit() { + + // make sure that we are returning to the login view. + vm.view = "login"; + // TODO: Do validation properly like in the invite password update //if the login and password are not empty we need to automatically // validate them - this is because if there are validation errors on the server // then the user has to change both username & password to resubmit which isn't ideal, // so if they're not empty, we'll just make sure to set them to valid. - if (login && password && login.length > 0 && password.length > 0) { + if (vm.login && vm.password && vm.login.length > 0 && vm.password.length > 0) { vm.loginForm.username.$setValidity('auth', true); vm.loginForm.password.$setValidity('auth', true); } @@ -206,7 +210,7 @@ vm.loginStates.submitButton = "busy"; - userService.authenticate(login, password) + userService.authenticate(vm.login, vm.password) .then(function (data) { vm.loginStates.submitButton = "success"; userService._retryRequestQueue(true); @@ -219,7 +223,7 @@ //is Two Factor required? if (reason.status === 402) { vm.errorMsg = "Additional authentication required"; - show2FALoginDialog(reason.data.twoFactorView, submit); + show2FALoginDialog(reason.data.twoFactorView); } else { vm.loginStates.submitButton = "error"; @@ -403,8 +407,12 @@ }); } - function show2FALoginDialog(view, callback) { - // TODO: show 2FA window + function show2FALoginDialog(viewPath) { + vm.twoFactor.submitCallback = function submitCallback() { + vm.onLogin(); + } + vm.twoFactor.view = viewPath; + vm.view = "2fa-login"; } function resetInputValidation() { diff --git a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-login.html b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-login.html index d5dc203d67..baf9af916c 100644 --- a/src/Umbraco.Web.UI.Client/src/views/components/application/umb-login.html +++ b/src/Umbraco.Web.UI.Client/src/views/components/application/umb-login.html @@ -146,7 +146,7 @@ -
+
{{vm.errorMsg}}
@@ -258,6 +258,11 @@ Return to login form
+ +
+
+
+ diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index cafb85c3b4..c2c481e8e4 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs @@ -329,7 +329,7 @@ namespace Umbraco.Web.Editors public async Task> Get2FAProviders() { var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId < 0) + if (userId == int.MinValue) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); @@ -345,7 +345,7 @@ namespace Umbraco.Web.Editors throw new HttpResponseException(HttpStatusCode.NotFound); var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId < 0) + if (userId == int.MinValue) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); @@ -475,8 +475,7 @@ namespace Umbraco.Web.Editors if (UserManager != null) { - var userId = -1; - int.TryParse(User.Identity.GetUserId(), out userId); + int.TryParse(User.Identity.GetUserId(), out var userId); UserManager.RaiseLogoutSuccessEvent(userId); } diff --git a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs index 3ce72852bf..b33487bc8d 100644 --- a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs +++ b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs @@ -227,7 +227,7 @@ namespace Umbraco.Web.Security } /// - /// Get the user id that has been verified already or -1. + /// Get the user id that has been verified already or int.MinValue if the user has not been verified yet /// /// /// @@ -240,7 +240,7 @@ namespace Umbraco.Web.Security { return ConvertIdFromString(result.Identity.GetUserId()); } - return -1; + return int.MinValue; } /// @@ -269,12 +269,12 @@ namespace Umbraco.Web.Security /// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it /// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that /// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate - /// all of this code to check for -1 instead. + /// all of this code to check for int.MinValue /// public override async Task TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberBrowser) { var userId = await GetVerifiedUserIdAsync(); - if (userId == -1) + if (userId == int.MinValue) { return SignInStatus.Failure; } @@ -306,12 +306,12 @@ namespace Umbraco.Web.Security /// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it /// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that /// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate - /// all of this code to check for -1 instead. + /// all of this code to check for int.MinVale instead. /// public override async Task SendTwoFactorCodeAsync(string provider) { var userId = await GetVerifiedUserIdAsync(); - if (userId == -1) + if (userId == int.MinValue) return false; var token = await UserManager.GenerateTwoFactorTokenAsync(userId, provider);