yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use int.MinValue instead of calculating from SuperUserId

Browse Source
This commit is contained in:
Sebastiaan Janssen
2019-05-06 08:22:03 +02:00
parent e5839a89cd
commit c03a4d978b
2 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/Umbraco.Web/Editors/AuthenticationController.cs
View File

@@ -329,7 +329,7 @@ namespace Umbraco.Web.Editors
public async Task<IEnumerable<string>> Get2FAProviders()
{
var userId = await SignInManager.GetVerifiedUserIdAsync();
if (userId < Core.Constants.Security.SuperUserId)
if (userId == int.MinValue)
{
Logger.Warn<AuthenticationController>("Get2FAProviders :: No verified user found, returning 404");
throw new HttpResponseException(HttpStatusCode.NotFound);
@@ -345,7 +345,7 @@ namespace Umbraco.Web.Editors
throw new HttpResponseException(HttpStatusCode.NotFound);
var userId = await SignInManager.GetVerifiedUserIdAsync();
if (userId < Core.Constants.Security.SuperUserId)
if (userId == int.MinValue)
{
Logger.Warn<AuthenticationController>("Get2FAProviders :: No verified user found, returning 404");
throw new HttpResponseException(HttpStatusCode.NotFound);

12
src/Umbraco.Web/Security/BackOfficeSignInManager.cs
View File

@@ -227,7 +227,7 @@ namespace Umbraco.Web.Security
}
/// <summary>
/// Get the user id that has been verified already or the SuperUserId minus 1.
/// Get the user id that has been verified already or int.MinValue if the user has not been verified yet
/// </summary>
/// <returns></returns>
/// <remarks>
@@ -240,7 +240,7 @@ namespace Umbraco.Web.Security
{
return ConvertIdFromString(result.Identity.GetUserId());
}
return Constants.Security.SuperUserId - 1;
return int.MinValue;
}
/// <summary>
@@ -269,12 +269,12 @@ namespace Umbraco.Web.Security
/// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it
/// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that
/// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate
/// all of this code to check for SuperUserId-1 instead.
/// all of this code to check for int.MinValue
/// </remarks>
public override async Task<SignInStatus> TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberBrowser)
{
var userId = await GetVerifiedUserIdAsync();
if (userId == Constants.Security.SuperUserId - 1)
if (userId == int.MinValue)
{
return SignInStatus.Failure;
}
@@ -306,12 +306,12 @@ namespace Umbraco.Web.Security
/// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it
/// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that
/// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate
/// all of this code to check for SuperUserId-1 instead.
/// all of this code to check for int.MinVale instead.
/// </remarks>
public override async Task<bool> SendTwoFactorCodeAsync(string provider)
{
var userId = await GetVerifiedUserIdAsync();
if (userId == Constants.Security.SuperUserId - 1)
if (userId == int.MinValue)
return false;
var token = await UserManager.GenerateTwoFactorTokenAsync(userId, provider);