Member password roll forward (#10138)

* Getting new netcore PublicAccessChecker in place * Adds full test coverage for PublicAccessChecker * remove PublicAccessComposer * adjust namespaces, ensure RoleManager works, separate public access controller, reduce content controller * Implements the required methods on IMemberManager, removes old migrated code * Updates routing to be able to re-route, Fixes middleware ordering ensuring endpoints are last, refactors pipeline options, adds public access middleware, ensures public access follows all hops * adds note * adds note * Cleans up ext methods, ensures that members identity is added on both front-end and back ends. updates how UmbracoApplicationBuilder works in that it explicitly starts endpoints at the time of calling. * Changes name to IUmbracoEndpointBuilder * adds note * Fixing tests, fixing error describers so there's 2x one for back office, one for members, fixes TryConvertTo, fixes login redirect * fixing build * Updates user manager to correctly validate password hashing and injects the IBackOfficeUserPasswordChecker * Merges PR * Fixes up build and notes * Fixes keepalive, fixes PublicAccessMiddleware to not throw, updates startup code to be more clear and removes magic that registers middleware. * adds note * removes unused filter, fixes build * fixes WebPath and tests * Looks up entities in one query * remove usings * Fix test, remove stylesheet * Set status code before we write to response to avoid error * Ensures that users and members are validated when logging in. Shares more code between users and members. * Fixes RepositoryCacheKeys to ensure the keys are normalized * oops didn't mean to commit this * Fix casing issues with caching, stop boxing value types for all cache operations, stop re-creating string keys in DefaultRepositoryCachePolicy * oops didn't mean to comit this * bah, far out this keeps getting recommitted. sorry Co-authored-by: Bjarke Berg <mail@bergmania.dk>
2021-04-20 15:45:35 +10:00
parent a1624d26a3
commit de28fbb0a4
7 changed files with 191 additions and 42 deletions
--- a/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs
+++ b/src/Umbraco.Web.Common/DependencyInjection/UmbracoBuilder.MembersIdentity.cs
@@ -25,6 +25,14 @@ namespace Umbraco.Extensions
                return builder;
            }

+            // NOTE: We are using AddIdentity which is going to add all of the default AuthN/AuthZ configurations = OK!
+            // This will also add all of the default identity services for our user/role types that we aren't overriding = OK!
+            // If a developer wishes to use Umbraco Members with different AuthN/AuthZ values, like different cookie values
+            // or authentication scheme's then they can call the default identity configuration methods like ConfigureApplicationCookie.
+            // BUT ... if a developer wishes to use the default auth schemes for entirely separate purposes alongside Umbraco members,
+            // then we'll probably have to change this and make it more flexible like how we do for Users. Which means booting up
+            // identity here with the basics and registering all of our own custom services.
+            // Since we are using the defaults in v8 (and below) for members, I think using the default for members now is OK!
            // TODO: We may need to use services.AddIdentityCore instead if this is doing too much

            services.AddIdentity<MemberIdentityUser, UmbracoIdentityRole>()
@@ -39,6 +47,8 @@ namespace Umbraco.Extensions

            services.ConfigureOptions<ConfigureMemberIdentityOptions>();

+            services.AddScoped<IPasswordHasher<MemberIdentityUser>, MemberPasswordHasher>();
+
            services.ConfigureApplicationCookie(x =>
            {
                // TODO: We may want/need to configure these further