Fixes: U4-4197 Error 400 on admin area login

2014-05-13 13:39:18 +10:00
parent 16b5c86192
commit cb7f26c998
2 changed files with 21 additions and 9 deletions
--- a/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js
@@ -55,7 +55,22 @@ function authResource($q, $http, umbRequestHelper, angularHelper) {
                    umbRequestHelper.getApiUrl(
                        "authenticationApiBaseUrl",
                        "IsAuthenticated")),
-                'Server call failed for checking authentication');
+                {
+                    success: function (data, status, headers, config) {
+                        //if the response is false, they are not logged in so return a rejection
+                        if (data === false || data === "false") {
+                            return $q.reject('User is not logged in');
+                        }
+                        return data;
+                    },
+                    error: function (data, status, headers, config) {                     
+                        return {
+                            errorMsg: 'Server call failed for checking authentication',
+                            data: data,
+                            status: status
+                        };
+                    }
+                });
        },
        
        /** Gets the user's remaining seconds before their login times out */
--- a/src/Umbraco.Web/Editors/AuthenticationController.cs
+++ b/src/Umbraco.Web/Editors/AuthenticationController.cs
@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
+using System.Text;
 using System.Web;
 using System.Web.Helpers;
 using System.Web.Http;
@@ -59,18 +60,14 @@ namespace Umbraco.Web.Editors
        /// </summary>
        /// <returns></returns>
        [HttpGet]
-        public HttpResponseMessage IsAuthenticated()
+        public bool IsAuthenticated()
        {
            var attempt = UmbracoContext.Security.AuthorizeRequest();
            if (attempt == ValidateRequestAttempt.Success)
            {
-                return Request.CreateResponse(HttpStatusCode.OK);
-            }
-            //return BadRequest (400), we don't want to return a 401 because that get's intercepted 
-            // by our angular helper because it thinks that we need to re-perform the request once we are
-            // authorized and we don't want to return a 403 because angular will show a warning msg indicating 
-            // that the user doesn't have access to perform this function, we just want to return a normal invalid msg.
-            return Request.CreateResponse(HttpStatusCode.BadRequest);
+                return true;
+            }            
+            return false;
        }