diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs index 2976c26d82..c2c481e8e4 100644 --- a/src/Umbraco.Web/Editors/AuthenticationController.cs +++ b/src/Umbraco.Web/Editors/AuthenticationController.cs @@ -329,7 +329,7 @@ namespace Umbraco.Web.Editors public async Task> Get2FAProviders() { var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId < Core.Constants.Security.SuperUserId) + if (userId == int.MinValue) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); @@ -345,7 +345,7 @@ namespace Umbraco.Web.Editors throw new HttpResponseException(HttpStatusCode.NotFound); var userId = await SignInManager.GetVerifiedUserIdAsync(); - if (userId < Core.Constants.Security.SuperUserId) + if (userId == int.MinValue) { Logger.Warn("Get2FAProviders :: No verified user found, returning 404"); throw new HttpResponseException(HttpStatusCode.NotFound); diff --git a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs index 6e32424201..b33487bc8d 100644 --- a/src/Umbraco.Web/Security/BackOfficeSignInManager.cs +++ b/src/Umbraco.Web/Security/BackOfficeSignInManager.cs @@ -227,7 +227,7 @@ namespace Umbraco.Web.Security } /// - /// Get the user id that has been verified already or the SuperUserId minus 1. + /// Get the user id that has been verified already or int.MinValue if the user has not been verified yet /// /// /// @@ -240,7 +240,7 @@ namespace Umbraco.Web.Security { return ConvertIdFromString(result.Identity.GetUserId()); } - return Constants.Security.SuperUserId - 1; + return int.MinValue; } /// @@ -269,12 +269,12 @@ namespace Umbraco.Web.Security /// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it /// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that /// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate - /// all of this code to check for SuperUserId-1 instead. + /// all of this code to check for int.MinValue /// public override async Task TwoFactorSignInAsync(string provider, string code, bool isPersistent, bool rememberBrowser) { var userId = await GetVerifiedUserIdAsync(); - if (userId == Constants.Security.SuperUserId - 1) + if (userId == int.MinValue) { return SignInStatus.Failure; } @@ -306,12 +306,12 @@ namespace Umbraco.Web.Security /// This is implemented because we cannot override GetVerifiedUserIdAsync and instead we have to shadow it /// so due to this and because we are using an INT as the TKey and not an object, it can never be null. Adding to that /// the default(int) value returned by the base class is always a valid user (i.e. the admin) so we just have to duplicate - /// all of this code to check for SuperUserId-1 instead. + /// all of this code to check for int.MinVale instead. /// public override async Task SendTwoFactorCodeAsync(string provider) { var userId = await GetVerifiedUserIdAsync(); - if (userId == Constants.Security.SuperUserId - 1) + if (userId == int.MinValue) return false; var token = await UserManager.GenerateTwoFactorTokenAsync(userId, provider);