From cb7f26c998cc0d7cc8832b94ff1907b3cb0b0bbe Mon Sep 17 00:00:00 2001
From: Shannon
Date: Tue, 13 May 2014 13:39:18 +1000
Subject: [PATCH] Fixes: U4-4197 Error 400 on admin area login
---
 .../src/common/resources/auth.resource.js | 17 ++++++++++++++++-
 .../Editors/AuthenticationController.cs | 13 +++++--------
 2 files changed, 21 insertions(+), 9 deletions(-)
diff --git a/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js b/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js
index 72904037d5..7f214400d5 100644
--- a/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js
+++ b/src/Umbraco.Web.UI.Client/src/common/resources/auth.resource.js
@@ -55,7 +55,22 @@ function authResource($q, $http, umbRequestHelper, angularHelper) {
 umbRequestHelper.getApiUrl(
 "authenticationApiBaseUrl",
 "IsAuthenticated")),
- 'Server call failed for checking authentication');
+ {
+ success: function (data, status, headers, config) {
+ //if the response is false, they are not logged in so return a rejection
+ if (data === false || data === "false") {
+ return $q.reject('User is not logged in');
+ }
+ return data;
+ },
+ error: function (data, status, headers, config) {
+ return {
+ errorMsg: 'Server call failed for checking authentication',
+ data: data,
+ status: status
+ };
+ }
+ });
 },
 /** Gets the user's remaining seconds before their login times out */
diff --git a/src/Umbraco.Web/Editors/AuthenticationController.cs b/src/Umbraco.Web/Editors/AuthenticationController.cs
index 5e1672fa90..00498f7e61 100644
--- a/src/Umbraco.Web/Editors/AuthenticationController.cs
+++ b/src/Umbraco.Web/Editors/AuthenticationController.cs
@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Net;
 using System.Net.Http;
+using System.Text;
 using System.Web;
 using System.Web.Helpers;
 using System.Web.Http;
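Review bot: In auth.resource.js the new `success` callback fails open: only the literal `false` or `"false"` is rejected, so any other 200 body (null, an empty string, an HTML error or login page returned by something in front of the server) is passed on as a logged-in result. Test for the positive value instead, e.g. `if (data !== true && data !== "true") { return $q.reject('User is not logged in'); }`. Accepting both a boolean and a string also suggests the response type is not pinned down; a short comment on which of the two the server actually sends would help. This callback only drives the UI, so server-side authorization on every other endpoint remains the real control. The enclosing `authResource` function starts and ends outside the hunk.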
@@ -59,18 +60,14 @@ namespace Umbraco.Web.Editors
 ///
 ///
 [HttpGet]
- public HttpResponseMessage IsAuthenticated()
+ public bool IsAuthenticated()
 {
 var attempt = UmbracoContext.Security.AuthorizeRequest();
 if (attempt == ValidateRequestAttempt.Success)
 {
- return Request.CreateResponse(HttpStatusCode.OK);
- }
- //return BadRequest (400), we don't want to return a 401 because that get's intercepted
- // by our angular helper because it thinks that we need to re-perform the request once we are
- // authorized and we don't want to return a 403 because angular will show a warning msg indicating
- // that the user doesn't have access to perform this function, we just want to return a normal invalid msg.
- return Request.CreateResponse(HttpStatusCode.BadRequest);
+ return true;
+ }
+ return false;
 }
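Review bot: `IsAuthenticated` now answers every GET with 200 and a bare boolean, which may be cached heuristically where the old 400 was not; a browser or proxy that replays a cached `true` would make the back office believe the session is still valid after logout or timeout. No cache-control handling is visible in this hunk (attributes on the controller class are outside it), so confirm the response is sent with `Cache-Control: no-store` or an equivalent no-cache filter. The deleted comment was the only record of why 401 and 403 are avoided here; keep that reasoning on the new code, for example `// always 200: the body carries the auth state, 401/403 are intercepted by the angular helper`. The body can then be reduced to `return UmbracoContext.Security.AuthorizeRequest() == ValidateRequestAttempt.Success;`. `using System.Text;`, added in the previous hunk, is not used by anything visible in this patch.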