yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2FA for users in management API (#15607)

Browse Source 
* Added 2FA management endpoints

* Ensure not found do not lead to forbidden results

* Do not inherit the requirement to have access to users, from the current user base class

* Updated OpenApi.json

* Handle 2FA in login scenario (only backend)

* Added the endpoint to use for client to post 2FA code

* Fixed tests and allow injecting the authentication type settings

* fix test build

* Fallback to use Constants.Security.BackOfficeAuthenticationType

* remove unused variable

* Review fixes

* Build fix

* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs

Co-authored-by: Sven Geusens <geusens@gmail.com>

* Handle case where 2fa provider is already setup

---------

Co-authored-by: Sven Geusens <geusens@gmail.com>
This commit is contained in:
Bjarke Berg
2024-01-23 18:07:21 +01:00
committed by GitHub
parent bfb500612a
commit aaca7a5ff4
52 changed files with 1563 additions and 307 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/Umbraco.Web.UI/UseLegacyBackofficeSignInManagerComposer.cs Normal file
View File

@@ -0,0 +1,27 @@
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.DependencyInjection.Extensions;
using Microsoft.Extensions.Options;
using Umbraco.Cms.Core;
using Umbraco.Cms.Core.Composing;
using Umbraco.Cms.Core.Configuration.Models;
using Umbraco.Cms.Core.Events;
using Umbraco.Cms.Core.Security;
using Umbraco.Cms.Web.BackOffice.Security;
using Umbraco.Cms.Web.Common.Security;
namespace Umbraco.Cms.Web.UI;
public class UseLegacyBackofficeSignInManagerComposer : IComposer
{
public void Compose(IUmbracoBuilder builder)
{
builder.Services.Configure<BackOfficeAuthenticationTypeSettings>(options =>
{
options.AuthenticationType = Constants.Security.BackOfficeAuthenticationType;
options.ExternalAuthenticationType = Constants.Security.BackOfficeExternalAuthenticationType;
options.TwoFactorAuthenticationType = Constants.Security.BackOfficeTwoFactorAuthenticationType;
options.TwoFactorRememberMeAuthenticationType = Constants.Security.BackOfficeTwoFactorRememberMeAuthenticationType;
});
}
}