diff --git a/src/SQLCE4Umbraco/app.config b/src/SQLCE4Umbraco/app.config index cbd44424ac..1f5a6442ad 100644 --- a/src/SQLCE4Umbraco/app.config +++ b/src/SQLCE4Umbraco/app.config @@ -8,7 +8,7 @@ - + diff --git a/src/Umbraco.Core/HttpContextExtensions.cs b/src/Umbraco.Core/HttpContextExtensions.cs new file mode 100644 index 0000000000..b4e420dc42 --- /dev/null +++ b/src/Umbraco.Core/HttpContextExtensions.cs @@ -0,0 +1,45 @@ +using System.Web; + +namespace Umbraco.Core +{ + public static class HttpContextExtensions + { + public static string GetCurrentRequestIpAddress(this HttpContextBase httpContext) + { + if (httpContext == null) + { + return "Unknown, httpContext is null"; + } + if (httpContext.Request == null) + { + return "Unknown, httpContext.Request is null"; + } + if (httpContext.Request.ServerVariables == null) + { + return "Unknown, httpContext.Request.ServerVariables is null"; + } + + // From: http://stackoverflow.com/a/740431/5018 + + try + { + var ipAddress = httpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"]; + + if (string.IsNullOrEmpty(ipAddress)) + return httpContext.Request.ServerVariables["REMOTE_ADDR"]; + + var addresses = ipAddress.Split(','); + if (addresses.Length != 0) + return addresses[0]; + + return httpContext.Request.ServerVariables["REMOTE_ADDR"]; + } + catch (System.Exception ex) + { + //This try catch is to just always ensure that no matter what we're not getting any exceptions caused since + // that would cause people to not be able to login + return string.Format("Unknown, exception occurred trying to resolve IP {0}", ex); + } + } + } +} \ No newline at end of file diff --git a/src/Umbraco.Core/Security/MembershipProviderBase.cs b/src/Umbraco.Core/Security/MembershipProviderBase.cs index e39919d291..794c8fda2d 100644 --- a/src/Umbraco.Core/Security/MembershipProviderBase.cs +++ b/src/Umbraco.Core/Security/MembershipProviderBase.cs 
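Review bot: `GetCurrentRequestIpAddress` in the new HttpContextExtensions.cs prefers `HTTP_X_FORWARDED_FOR` over `REMOTE_ADDR`, and that header is supplied by the client unless a trusted proxy overwrites it, so the address that ends up in the login log can be chosen by whoever sends the request. For an audit trail I would always record `REMOTE_ADDR` and log the forwarded value as a separate, clearly untrusted field, or honour the header only when `REMOTE_ADDR` is a configured proxy. The method also has no XML doc comment, and one stating which source is trusted would help callers. Two smaller points in the same method: `addresses[0]` is returned untrimmed and unvalidated, and the catch block formats the whole exception (`{0}`, `ex`) into the return value, which puts a stack trace where callers expect an address; `ex.Message` would be enough.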
@@ -4,6 +4,7 @@ using System.Configuration.Provider; using System.Security.Cryptography; using System.Text; using System.Text.RegularExpressions; +using System.Web; using System.Web.Configuration; using System.Web.Hosting; using System.Web.Security; @@ -906,5 +907,15 @@ namespace Umbraco.Core.Security return sb.ToString(); } + /// + /// Returns the current request IP address for logging if there is one + /// + /// + protected string GetCurrentRequestIpAddress() + { + var httpContext = HttpContext.Current == null ? (HttpContextBase) null : new HttpContextWrapper(HttpContext.Current); + return httpContext.GetCurrentRequestIpAddress(); + } + } } \ No newline at end of file diff --git a/src/Umbraco.Core/Umbraco.Core.csproj b/src/Umbraco.Core/Umbraco.Core.csproj index e6eb6da9c8..0a4ff282bd 100644 --- a/src/Umbraco.Core/Umbraco.Core.csproj +++ b/src/Umbraco.Core/Umbraco.Core.csproj @@ -132,9 +132,9 @@ True ..\packages\Microsoft.AspNet.WebPages.2.0.30506.0\lib\net40\System.Web.Helpers.dll - + True - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True @@ -344,6 +344,7 @@ + diff --git a/src/Umbraco.Core/app.config b/src/Umbraco.Core/app.config index cbd44424ac..1f5a6442ad 100644 --- a/src/Umbraco.Core/app.config +++ b/src/Umbraco.Core/app.config @@ -8,7 +8,7 @@ - + diff --git a/src/Umbraco.Tests/App.config b/src/Umbraco.Tests/App.config index d64d47b2ee..f1917d16c0 100644 --- a/src/Umbraco.Tests/App.config +++ b/src/Umbraco.Tests/App.config @@ -100,7 +100,7 @@ - + diff --git a/src/Umbraco.Tests/Umbraco.Tests.csproj b/src/Umbraco.Tests/Umbraco.Tests.csproj index 9190056d66..f60e3de26f 100644 --- a/src/Umbraco.Tests/Umbraco.Tests.csproj +++ b/src/Umbraco.Tests/Umbraco.Tests.csproj 
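Review bot: The `System.Web.Mvc` HintPath in the Umbraco.Core.csproj hunk `@@ -132,9 +132,9 @@` moves from `Microsoft.AspNet.Mvc.4.0.40804.0` to `Microsoft.AspNet.Mvc.4.0.30506.0`, a lower build number, so this reads as a downgrade rather than an upgrade. As far as I know 4.0.40804.0 is the MVC 4 servicing build that carried a security fix, so the commit message should say why the older package is being restored and confirm the fix is not lost; nothing in the visible hunks explains it. The same path change appears in Umbraco.Tests.csproj, Umbraco.Web.UI.csproj, Umbraco.Web.csproj, umbraco.MacroEngines.csproj and umbraco.businesslogic.csproj. The app.config and packages.config hunks presumably follow it, but their XML is not visible on this page.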
@@ -135,9 +135,9 @@ False ..\packages\Microsoft.AspNet.WebApi.WebHost.5.2.3\lib\net45\System.Web.Http.WebHost.dll - + True - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True diff --git a/src/Umbraco.Tests/packages.config b/src/Umbraco.Tests/packages.config index 9dc85b4dcb..a70db56875 100644 --- a/src/Umbraco.Tests/packages.config +++ b/src/Umbraco.Tests/packages.config @@ -5,7 +5,7 @@ - + diff --git a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj index f809f4efa5..13312a0529 100644 --- a/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj +++ b/src/Umbraco.Web.UI/Umbraco.Web.UI.csproj @@ -263,9 +263,9 @@ ..\packages\Microsoft.AspNet.WebApi.WebHost.5.2.3\lib\net45\System.Web.Http.WebHost.dll True - - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + True + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml index d7fc409781..ec4ebe6996 100644 --- a/src/Umbraco.Web.UI/umbraco/config/lang/en.xml +++ b/src/Umbraco.Web.UI/umbraco/config/lang/en.xml @@ -245,8 +245,8 @@ Name the %0%... Enter a name... Type to search... - Type to filter... - Type to add tags (press enter after each tag)... + Type to filter... + Type to add tags (press enter after each tag)... Allow at root @@ -680,9 +680,11 @@ To manage your website, simply open the Umbraco back office and start adding con If you just want to setup simple protection using a single login and password - + + ]]> + diff --git a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml index 24216900df..07047df8fc 100644 --- a/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml +++ b/src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml 
@@ -45,16 +45,16 @@ Invalid node. Invalid domain format. Domain has already been assigned. - Domain Language + Domain New domain '%0%' has been created Domain '%0%' is deleted Domain '%0%' has already been assigned + Domain '%0%' has been updated + Edit Current Domains
One-level paths in domains are supported, eg. "example.com/en". However, they should be avoided. Better use the culture setting above.]]>
- Domain '%0%' has been updated - Edit Current Domains Inherit Culture or inherit culture from parent nodes. Will also apply
@@ -64,8 +64,6 @@ Viewing for - - Select Select current folder @@ -135,7 +133,7 @@ This item has been changed after publication This item is not published Last published - There are no items show in the list. + There are no items to show in the list. Media Type Link to media item(s) Member Group @@ -163,8 +161,7 @@ Remove file(s) Link to document Member of group(s) - Not a member of group(s) - + Not a member of group(s) Child items Target @@ -176,9 +173,7 @@ Where do you want to create the new %0% Create an item under Choose a type and a title - "document types".]]> - "media types".]]> @@ -251,6 +246,7 @@ Enter a name... Type to search... Type to filter... + Type to add tags (press enter after each tag)... @@ -413,7 +409,6 @@ Width Yes Folder - Search results @@ -561,11 +556,9 @@ To manage your website, simply open the Umbraco back office and start adding con Happy thunderous Thursday Happy funky Friday Happy Caturday - - log in below + Log in below Session timed out - © 2001 - %0%
Umbraco.com

]]>
- + © 2001 - %0%
Umbraco.com

]]>
Dashboard @@ -716,16 +709,16 @@ To manage your website, simply open the Umbraco back office and start adding con You have not configured any approved colors - Add external link - Add internal link - Add + enter external link + choose internal page Caption - Internal page - URL - Move Down - Move Up + Link Open in new window - Remove link + enter the display caption + Enter the link + + + Reset Current version @@ -752,8 +745,8 @@ To manage your website, simply open the Umbraco back office and start adding con Statistics Translation Users - Help + Forms Analytics @@ -860,6 +853,10 @@ To manage your website, simply open the Umbraco back office and start adding con Add rows to your layout below and add your first element]]> + Click to embed + Click to insert image + Image caption... + Write here... Grid layouts Layouts are the overall work area for the grid editor, usually you only need one or two different layouts Add grid layout @@ -1033,7 +1030,7 @@ To manage your website, simply open the Umbraco back office and start adding con Select pages to modify their permissions Search all children Start Node in Content - Username + Name User permissions User type User types diff --git a/src/Umbraco.Web.UI/web.Template.Debug.config b/src/Umbraco.Web.UI/web.Template.Debug.config index 13eab30817..38877c8d54 100644 --- a/src/Umbraco.Web.UI/web.Template.Debug.config +++ b/src/Umbraco.Web.UI/web.Template.Debug.config @@ -133,7 +133,14 @@ xdt:Locator="Condition(_defaultNamespace:assemblyIdentity[@name='System.Web.Mvc']])" /> - + + + + + + + - + - - + + diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index 6f3a7b4fea..1975fdc5db 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs 
@@ -28,6 +28,7 @@ using Umbraco.Web.WebApi; using Umbraco.Web.WebApi.Filters; using umbraco.providers; using Microsoft.AspNet.Identity.Owin; +using Umbraco.Core.Logging; using Newtonsoft.Json.Linq; using Umbraco.Core.Models.Identity; using IUser = Umbraco.Core.Models.Membership.IUser; @@ -161,6 +162,10 @@ namespace Umbraco.Web.Editors [SetAngularAntiForgeryTokens] public async Task PostLogin(LoginModel loginModel) { + var http = this.TryGetHttpContext(); + if (http.Success == false) + throw new InvalidOperationException("This method requires that an HttpContext be active"); + if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password)) { //get the user @@ -177,12 +182,6 @@ namespace Umbraco.Web.Editors //Identity does some of it's own checks as well so we need to use it's sign in process too... this will essentially re-create the // ticket/cookie above but we need to create the ticket now so we can assign the Current Thread User/IPrinciple below await SignInAsync(Mapper.Map(user), isPersistent: true); - - var http = this.TryGetHttpContext(); - if (http.Success == false) - { - throw new InvalidOperationException("This method requires that an HttpContext be active"); - } //This ensure the current principal is set, otherwise any logic executing after this wouldn't actually be authenticated http.Result.AuthenticateCurrentRequest(ticket, false); 
@@ -195,7 +194,7 @@ namespace Umbraco.Web.Editors //return BadRequest (400), we don't want to return a 401 because that get's intercepted // by our angular helper because it thinks that we need to re-perform the request once we are // authorized and we don't want to return a 403 because angular will show a warning msg indicating - // that the user doesn't have access to perform this function, we just want to return a normal invalid msg. + // that the user doesn't have access to perform this function, we just want to return a normal invalid msg. throw new HttpResponseException(HttpStatusCode.BadRequest); } diff --git a/src/Umbraco.Web/Security/Providers/UmbracoMembershipProvider.cs b/src/Umbraco.Web/Security/Providers/UmbracoMembershipProvider.cs index 16641e5f91..65f90d8127 100644 --- a/src/Umbraco.Web/Security/Providers/UmbracoMembershipProvider.cs +++ b/src/Umbraco.Web/Security/Providers/UmbracoMembershipProvider.cs @@ -511,16 +511,35 @@ namespace Umbraco.Web.Security.Providers { var member = MemberService.GetByUsername(username); - if (member == null) return false; + if (member == null) + { + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}, the user does not exist", + username, + GetCurrentRequestIpAddress())); + + return false; + } if (member.IsApproved == false) { - LogHelper.Info>("Cannot validate member " + username + " because they are not approved"); + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}, the user is not approved", + username, + GetCurrentRequestIpAddress())); + return false; } if (member.IsLockedOut) { - LogHelper.Info>("Cannot validate member " + username + " because they are currently locked out"); + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}, the user is locked", + username, + GetCurrentRequestIpAddress())); + return false; } 
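Review bot: The three new `LogHelper.Info` calls in the UmbracoMembershipProvider hunk `@@ -511,16 +511,35 @@` write `username` into the log exactly as submitted, so a value containing line breaks or other control characters can forge or break log entries, and a password typed into the username field by mistake is stored in clear text. I would strip CR/LF and other control characters and cap the length before formatting, in one place. The same `string.Format(...)` block is repeated five times across this hunk and the next one (`@@ -538,18 +557,39 @@`), so a private helper such as `LogLoginAttempt(string username, string outcome)` would hold both the sanitising and the message format. The enclosing method starts before this hunk and continues into the next, where the same applies.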
@@ -538,18 +557,39 @@ namespace Umbraco.Web.Security.Providers { member.IsLockedOut = true; member.LastLockoutDate = DateTime.Now; - LogHelper.Info>("Member " + username + " is now locked out, max invalid password attempts exceeded"); + + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}, the user is now locked out, max invalid password attempts exceeded", + username, + GetCurrentRequestIpAddress())); + } + else + { + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}", + username, + GetCurrentRequestIpAddress())); } } else { member.FailedPasswordAttempts = 0; member.LastLoginDate = DateTime.Now; + + LogHelper.Info( + string.Format( + "Login attempt succeeded for username {0} from IP address {1}", + username, + GetCurrentRequestIpAddress())); } //don't raise events for this! It just sets the member dates, if we do raise events this will // cause all distributed cache to execute - which will clear out some caches we don't want. // http://issues.umbraco.org/issue/U4-3451 + //TODO: In v8 we aren't going to have an overload to disable events, so we'll need to make a different method + // for this type of thing (i.e. UpdateLastLogin or similar). MemberService.Save(member, false); return authenticated; diff --git a/src/Umbraco.Web/Umbraco.Web.csproj b/src/Umbraco.Web/Umbraco.Web.csproj index af8b4fc71a..22283d0b64 100644 --- a/src/Umbraco.Web/Umbraco.Web.csproj +++ b/src/Umbraco.Web/Umbraco.Web.csproj @@ -230,9 +230,9 @@ False ..\packages\Microsoft.AspNet.WebApi.WebHost.5.2.3\lib\net45\System.Web.Http.WebHost.dll
- + True - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True diff --git a/src/Umbraco.Web/app.config b/src/Umbraco.Web/app.config index 548dde0987..71898fd12e 100644 --- a/src/Umbraco.Web/app.config +++ b/src/Umbraco.Web/app.config @@ -29,7 +29,7 @@ - + diff --git a/src/UmbracoExamine/app.config b/src/UmbracoExamine/app.config index 0f2278a158..4022c25600 100644 --- a/src/UmbracoExamine/app.config +++ b/src/UmbracoExamine/app.config @@ -4,7 +4,7 @@ - + diff --git a/src/umbraco.MacroEngines/app.config b/src/umbraco.MacroEngines/app.config index 6cd2ad76f2..cabc84546e 100644 --- a/src/umbraco.MacroEngines/app.config +++ b/src/umbraco.MacroEngines/app.config @@ -16,7 +16,7 @@ - + diff --git a/src/umbraco.MacroEngines/packages.config b/src/umbraco.MacroEngines/packages.config index ac2cfc7e95..d6a893c69f 100644 --- a/src/umbraco.MacroEngines/packages.config +++ b/src/umbraco.MacroEngines/packages.config @@ -3,7 +3,7 @@ - + diff --git a/src/umbraco.MacroEngines/umbraco.MacroEngines.csproj b/src/umbraco.MacroEngines/umbraco.MacroEngines.csproj index 347a016a96..f6880d7c3a 100644 --- a/src/umbraco.MacroEngines/umbraco.MacroEngines.csproj +++ b/src/umbraco.MacroEngines/umbraco.MacroEngines.csproj @@ -92,9 +92,9 @@ False ..\packages\Microsoft.AspNet.WebApi.WebHost.5.2.3\lib\net45\System.Web.Http.WebHost.dll - + True - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True diff --git a/src/umbraco.businesslogic/app.config b/src/umbraco.businesslogic/app.config index 0f2278a158..4022c25600 100644 --- a/src/umbraco.businesslogic/app.config +++ b/src/umbraco.businesslogic/app.config @@ -4,7 +4,7 @@ - + diff --git a/src/umbraco.businesslogic/packages.config b/src/umbraco.businesslogic/packages.config index f07166e262..b1c4140b1a 100644 
--- a/src/umbraco.businesslogic/packages.config +++ b/src/umbraco.businesslogic/packages.config @@ -1,7 +1,7 @@  - + diff --git a/src/umbraco.businesslogic/umbraco.businesslogic.csproj b/src/umbraco.businesslogic/umbraco.businesslogic.csproj index 5ad8cc72d0..970bc1ef9c 100644 --- a/src/umbraco.businesslogic/umbraco.businesslogic.csproj +++ b/src/umbraco.businesslogic/umbraco.businesslogic.csproj @@ -143,9 +143,9 @@ True ..\packages\Microsoft.AspNet.WebPages.2.0.30506.0\lib\net40\System.Web.Helpers.dll - + True - ..\packages\Microsoft.AspNet.Mvc.4.0.40804.0\lib\net40\System.Web.Mvc.dll + ..\packages\Microsoft.AspNet.Mvc.4.0.30506.0\lib\net40\System.Web.Mvc.dll True diff --git a/src/umbraco.cms/app.config b/src/umbraco.cms/app.config index 0f2278a158..4022c25600 100644 --- a/src/umbraco.cms/app.config +++ b/src/umbraco.cms/app.config @@ -4,7 +4,7 @@ - + diff --git a/src/umbraco.controls/app.config b/src/umbraco.controls/app.config index 0f2278a158..4022c25600 100644 --- a/src/umbraco.controls/app.config +++ b/src/umbraco.controls/app.config @@ -4,7 +4,7 @@ - + diff --git a/src/umbraco.datalayer/app.config b/src/umbraco.datalayer/app.config index cbd44424ac..1f5a6442ad 100644 --- a/src/umbraco.datalayer/app.config +++ b/src/umbraco.datalayer/app.config @@ -8,7 +8,7 @@ - + diff --git a/src/umbraco.editorControls/app.config b/src/umbraco.editorControls/app.config index 0b61939c20..68046c3af5 100644 --- a/src/umbraco.editorControls/app.config +++ b/src/umbraco.editorControls/app.config @@ -4,7 +4,7 @@ - + diff --git a/src/umbraco.providers/UsersMembershipProvider.cs b/src/umbraco.providers/UsersMembershipProvider.cs index df190a8ac0..93f5327cbb 100644 --- a/src/umbraco.providers/UsersMembershipProvider.cs +++ b/src/umbraco.providers/UsersMembershipProvider.cs @@ -9,6 +9,8 @@ using umbraco.BusinessLogic; using System.Web.Util; using System.Configuration.Provider; using System.Linq; +using Umbraco.Core.Logging; + #endregion namespace umbraco.providers 
@@ -491,10 +493,33 @@ namespace umbraco.providers { if (user.Disabled) { + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}, the user is locked", + username, + GetCurrentRequestIpAddress())); + return false; } - return CheckPassword(password, user.Password); + var result = CheckPassword(password, user.Password); + if (result == false) + { + LogHelper.Info( + string.Format( + "Login attempt failed for username {0} from IP address {1}", + username, + GetCurrentRequestIpAddress())); + } + else + { + LogHelper.Info( + string.Format( + "Login attempt succeeded for username {0} from IP address {1}", + username, + GetCurrentRequestIpAddress())); + } + return result; } } return false; diff --git a/src/umbraco.providers/app.config b/src/umbraco.providers/app.config index 0f2278a158..4022c25600 100644 --- a/src/umbraco.providers/app.config +++ b/src/umbraco.providers/app.config @@ -4,7 +4,7 @@ - +
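Review bot: The logging added in the UsersMembershipProvider hunk covers a disabled user and a wrong or correct password, but the path that reaches the trailing `return false;` (apparently the case where no user matches) still returns without a log entry, whereas UmbracoMembershipProvider in this commit logs "the user does not exist". Attempts against unknown back-office usernames are among the most useful for spotting password guessing, so I would add the same `LogHelper.Info` call before that final return; the method starts outside the hunk, so confirm which conditions lead there. The message for `user.Disabled` says "the user is locked", which describes a different state; "the user is disabled" would match the check. `username` is also logged unsanitised here, as in UmbracoMembershipProvider.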