yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Dedicated cookie setup for new backoffice login (#14122)

Browse Source 
* Add a dedicated (temporary) cookie setup for new backoffice logins, so old and new backoffice can co-exist behind separate logins

* use temp management api login endpoint for authentication

* Update OpenAPI JSON

---------

Co-authored-by: Jacob Overgaard <752371+iOvergaard@users.noreply.github.com>
This commit is contained in:
Kenn Jacobsen
2023-04-19 13:32:11 +02:00
committed by GitHub
parent fff393c9ed
commit 7b62fb282f
8 changed files with 87 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/Umbraco.Cms.Api.Management/DependencyInjection/BackOfficeAuthBuilderExtensions.cs
View File

@@ -19,7 +19,8 @@ public static class BackOfficeAuthBuilderExtensions
{
builder
.AddDbContext()
.AddOpenIddict();
.AddOpenIddict()
.AddBackOfficeLogin();
return builder;
}
@@ -124,6 +125,19 @@ public static class BackOfficeAuthBuilderExtensions
return builder;
}
private static IUmbracoBuilder AddBackOfficeLogin(this IUmbracoBuilder builder)
{
builder.Services
.AddAuthentication()
.AddCookie(Constants.Security.NewBackOfficeAuthenticationType, options =>
{
options.LoginPath = "/umbraco/login";
options.Cookie.Name = Constants.Security.NewBackOfficeAuthenticationType;
});
return builder;
}
// TODO: remove this once EF is implemented
public class DatabaseManager : IHostedService
{
@@ -140,7 +154,7 @@ public static class BackOfficeAuthBuilderExtensions
// TODO: add BackOfficeAuthorizationInitializationMiddleware before UseAuthorization (to make it run for unauthorized API requests) and remove this
IBackOfficeApplicationManager backOfficeApplicationManager = scope.ServiceProvider.GetRequiredService<IBackOfficeApplicationManager>();
await backOfficeApplicationManager.EnsureBackOfficeApplicationAsync(new Uri("https://localhost:44331/"), cancellationToken);
await backOfficeApplicationManager.EnsureBackOfficeApplicationAsync(new Uri("https://localhost:44339/"), cancellationToken);
}
public Task StopAsync(CancellationToken cancellationToken) => Task.CompletedTask;