Fixes: U4-7536 Sign-out in back office will call all ASP.Net identity middleware sign out methods
publicises a few things too.
This commit is contained in:
Shannon
@@ -206,7 +206,7 @@ namespace Umbraco.Core
|
||||
/// </summary>
|
||||
internal const string StandardPropertiesGroupName = "Membership";
|
||||
|
||||
internal static Dictionary<string, PropertyType> GetStandardPropertyTypeStubs()
|
||||
public static Dictionary<string, PropertyType> GetStandardPropertyTypeStubs()
|
||||
{
|
||||
return new Dictionary<string, PropertyType>
|
||||
{
|
||||
|
||||
@@ -357,7 +357,9 @@ namespace Umbraco.Core.Security
|
||||
{
|
||||
//TODO: Do we need to do more here?? need to make sure that the forms cookie is gone, but is that
|
||||
// taken care of in our custom middleware somehow?
|
||||
ctx.Authentication.SignOut();
|
||||
ctx.Authentication.SignOut(
|
||||
Core.Constants.Security.BackOfficeAuthenticationType,
|
||||
Core.Constants.Security.BackOfficeExternalAuthenticationType);
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -97,7 +97,7 @@ namespace Umbraco.Web.Editors
|
||||
if (result.Succeeded)
|
||||
{
|
||||
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId<int>());
|
||||
await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
|
||||
await SignInManager.SignInAsync(user, isPersistent: true, rememberBrowser: false);
|
||||
return Request.CreateResponse(HttpStatusCode.OK);
|
||||
}
|
||||
else
|
||||
@@ -240,7 +240,9 @@ namespace Umbraco.Web.Editors
|
||||
[ValidateAngularAntiForgeryToken]
|
||||
public HttpResponseMessage PostLogout()
|
||||
{
|
||||
Request.TryGetOwinContext().Result.Authentication.SignOut();
|
||||
Request.TryGetOwinContext().Result.Authentication.SignOut(
|
||||
Core.Constants.Security.BackOfficeAuthenticationType,
|
||||
Core.Constants.Security.BackOfficeExternalAuthenticationType);
|
||||
|
||||
Logger.Info<AuthenticationController>("User {0} from IP address {1} has logged out",
|
||||
() => User.Identity == null ? "UNKNOWN" : User.Identity.Name,
|
||||
|
||||
@@ -2,11 +2,8 @@ namespace Umbraco.Web
|
||||
{
|
||||
/// <summary>
|
||||
/// Used to retrieve the Umbraco context
|
||||
/// </summary>
|
||||
/// <remarks>
|
||||
/// TODO: We could expose this to make working with UmbracoContext easier if we were to use it throughout the codebase
|
||||
/// </remarks>
|
||||
internal interface IUmbracoContextAccessor
|
||||
/// </summary>
|
||||
public interface IUmbracoContextAccessor
|
||||
{
|
||||
UmbracoContext Value { get; }
|
||||
}
|
||||
|
||||
@@ -131,7 +131,7 @@ namespace Umbraco.Web.Security
|
||||
var userData = Mapper.Map<UserData>(user);
|
||||
_httpContext.SetPrincipalForRequest(userData);
|
||||
|
||||
SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false).Wait();
|
||||
SignInManager.SignInAsync(user, isPersistent: true, rememberBrowser: false).Wait();
|
||||
return TimeSpan.FromMinutes(GlobalSettings.TimeOutInMinutes).TotalSeconds;
|
||||
}
|
||||
|
||||
@@ -162,7 +162,9 @@ namespace Umbraco.Web.Security
|
||||
public virtual void ClearCurrentLogin()
|
||||
{
|
||||
_httpContext.UmbracoLogout();
|
||||
_httpContext.GetOwinContext().Authentication.SignOut();
|
||||
_httpContext.GetOwinContext().Authentication.SignOut(
|
||||
Core.Constants.Security.BackOfficeAuthenticationType,
|
||||
Core.Constants.Security.BackOfficeExternalAuthenticationType);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
@@ -19,7 +19,9 @@ namespace Umbraco.Web.WebApi.Filters
|
||||
|
||||
//this calls the underlying owin sign out logic - which should call the
|
||||
// auth providers middleware callbacks if using custom auth middleware
|
||||
context.Request.TryGetOwinContext().Result.Authentication.SignOut();
|
||||
context.Request.TryGetOwinContext().Result.Authentication.SignOut(
|
||||
Core.Constants.Security.BackOfficeAuthenticationType,
|
||||
Core.Constants.Security.BackOfficeExternalAuthenticationType);
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user