yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Ensures that all calls to the members membership provider are done so explicitly with the membership provider alias - this decouples the need to have the umbraco membership provider declared as the default, we were doing both before.

Browse Source
This commit is contained in:
Shannon
2014-03-18 17:08:21 +11:00
parent 71de4dc7de
commit e2881e07d1
43 changed files with 969 additions and 706 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
src/Umbraco.Web/Security/MembershipHelper.cs
View File

@@ -46,7 +46,8 @@ namespace Umbraco.Web.Security
/// <returns></returns>
public bool IsUmbracoMembershipProviderActive()
{
return Membership.Provider.IsUmbracoMembershipProvider();
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
return provider.IsUmbracoMembershipProvider();
}
/// <summary>
@@ -64,7 +65,9 @@ namespace Umbraco.Web.Security
}
//get the current membership user
var membershipUser = Membership.GetUser();
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
var username = provider.GetCurrentUserName();
var membershipUser = provider.GetUser(username, true);
//NOTE: This should never happen since they are logged in
if (membershipUser == null) throw new InvalidOperationException("Could not find member with username " + _httpContext.User.Identity.Name);
@@ -74,7 +77,7 @@ namespace Umbraco.Web.Security
if (model.Email.InvariantEquals(membershipUser.Email) == false)
{
//Use the membership provider to change the email since that is configured to do the checks to check for unique emails if that is configured.
var requiresUpdating = UpdateMember(membershipUser, Membership.Provider, model.Email);
var requiresUpdating = UpdateMember(membershipUser, provider, model.Email);
membershipUser = requiresUpdating.Result;
}
}
@@ -130,11 +133,11 @@ namespace Umbraco.Web.Security
model.Username = (model.UsernameIsEmail || model.Username == null) ? model.Email : model.Username;
MembershipUser membershipUser;
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
//update their real name
if (Membership.Provider.IsUmbracoMembershipProvider())
if (provider.IsUmbracoMembershipProvider())
{
membershipUser = ((UmbracoMembershipProviderBase)Membership.Provider).CreateUser(
membershipUser = ((UmbracoMembershipProviderBase)provider).CreateUser(
model.MemberTypeAlias,
model.Username, model.Password, model.Email,
//TODO: Support q/a http://issues.umbraco.org/issue/U4-3213
@@ -159,16 +162,16 @@ namespace Umbraco.Web.Security
}
else
{
membershipUser = Membership.CreateUser(model.Username, model.Password, model.Email,
membershipUser = provider.CreateUser(model.Username, model.Password, model.Email,
//TODO: Support q/a http://issues.umbraco.org/issue/U4-3213
null, null,
true, out status);
true, null, out status);
if (status != MembershipCreateStatus.Success) return null;
}
//Set member online
Membership.GetUser(model.Username, true);
provider.GetUser(model.Username, true);
//Log them in
FormsAuthentication.SetAuthCookie(membershipUser.UserName, true);
@@ -184,13 +187,14 @@ namespace Umbraco.Web.Security
/// <returns></returns>
public bool Login(string username, string password)
{
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
//Validate credentials
if (Membership.ValidateUser(username, password) == false)
if (provider.ValidateUser(username, password) == false)
{
return false;
}
//Set member online
var member = Membership.GetUser(username, true);
var member = provider.GetUser(username, true);
if (member == null)
{
//this should not happen
@@ -206,46 +210,50 @@ namespace Umbraco.Web.Security
public IPublishedContent GetByProviderKey(object key)
{
if (Membership.Provider.IsUmbracoMembershipProvider() == false)
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider() == false)
{
throw new NotSupportedException("Cannot access this method unless the Umbraco membership provider is active");
}
var result = _applicationContext.Services.MemberService.GetByProviderKey(key);
return result == null ? null : new MemberPublishedContent(result, Membership.GetUser(result.Username));
return result == null ? null : new MemberPublishedContent(result, provider.GetUser(result.Username, false));
}
public IPublishedContent GetById(int memberId)
{
if (Membership.Provider.IsUmbracoMembershipProvider() == false)
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider() == false)
{
throw new NotSupportedException("Cannot access this method unless the Umbraco membership provider is active");
}
var result = _applicationContext.Services.MemberService.GetById(memberId);
return result == null ? null : new MemberPublishedContent(result, Membership.GetUser(result.Username));
return result == null ? null : new MemberPublishedContent(result, provider.GetUser(result.Username, false));
}
public IPublishedContent GetByUsername(string username)
{
if (Membership.Provider.IsUmbracoMembershipProvider() == false)
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider() == false)
{
throw new NotSupportedException("Cannot access this method unless the Umbraco membership provider is active");
}
var result = _applicationContext.Services.MemberService.GetByUsername(username);
return result == null ? null : new MemberPublishedContent(result, Membership.GetUser(result.Username));
return result == null ? null : new MemberPublishedContent(result, provider.GetUser(result.Username, false));
}
public IPublishedContent GetByEmail(string email)
{
if (Membership.Provider.IsUmbracoMembershipProvider() == false)
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider() == false)
{
throw new NotSupportedException("Cannot access this method unless the Umbraco membership provider is active");
}
var result = _applicationContext.Services.MemberService.GetByEmail(email);
return result == null ? null : new MemberPublishedContent(result, Membership.GetUser(result.Username));
return result == null ? null : new MemberPublishedContent(result, provider.GetUser(result.Username, false));
}
#endregion
@@ -263,9 +271,12 @@ namespace Umbraco.Web.Security
return null;
}
if (Membership.Provider.IsUmbracoMembershipProvider())
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider())
{
var membershipUser = Membership.GetUser();
var username = provider.GetCurrentUserName();
var membershipUser = provider.GetUser(username, true);
var member = GetCurrentMember();
//this shouldn't happen
if (member == null) return null;
@@ -308,7 +319,8 @@ namespace Umbraco.Web.Security
/// <returns></returns>
public RegisterModel CreateRegistrationModel(string memberTypeAlias = null)
{
if (Membership.Provider.IsUmbracoMembershipProvider())
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider())
{
memberTypeAlias = memberTypeAlias ?? Constants.Conventions.MemberTypes.Member;
var memberType = _applicationContext.Services.MemberTypeService.Get(memberTypeAlias);
@@ -400,8 +412,10 @@ namespace Umbraco.Web.Security
model.IsLoggedIn = false;
return model;
}
if (Membership.Provider.IsUmbracoMembershipProvider())
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider())
{
var member = GetCurrentMember();
//this shouldn't happen
@@ -412,7 +426,8 @@ namespace Umbraco.Web.Security
}
else
{
var member = Membership.GetUser();
var username = provider.GetCurrentUserName();
var member = provider.GetUser(username, true);
//this shouldn't happen
if (member == null) return null;
model.Name = member.UserName;
@@ -467,8 +482,10 @@ namespace Umbraco.Web.Security
}
else
{
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
string username;
if (Membership.Provider.IsUmbracoMembershipProvider())
if (provider.IsUmbracoMembershipProvider())
{
var member = GetCurrentMember();
username = member.Username;
@@ -489,7 +506,8 @@ namespace Umbraco.Web.Security
}
else
{
var member = Membership.GetUser();
var currUsername = provider.GetCurrentUserName();
var member = provider.GetUser(currUsername, true);
username = member.UserName;
}
@@ -722,11 +740,14 @@ namespace Umbraco.Web.Security
/// <returns></returns>
private IMember GetCurrentMember()
{
if (Membership.Provider.IsUmbracoMembershipProvider() == false)
var provider = MembershipProviderExtensions.GetMembersMembershipProvider();
if (provider.IsUmbracoMembershipProvider() == false)
{
throw new NotSupportedException("An IMember model can only be retreived when using the built-in Umbraco membership providers");
}
var member = _applicationContext.Services.MemberService.GetByUsername(_httpContext.User.Identity.Name);
var username = provider.GetCurrentUserName();
var member = _applicationContext.Services.MemberService.GetByUsername(username);
return member;
}

16
src/Umbraco.Web/Security/Providers/UmbracoMembershipProvider.cs
View File

@@ -78,7 +78,7 @@ namespace Umbraco.Web.Security.Providers
string salt;
var encodedPassword = EncryptOrHashNewPassword(newPassword, out salt);
m.Password = FormatPasswordForStorage(encodedPassword, salt);
m.RawPasswordValue = FormatPasswordForStorage(encodedPassword, salt);
m.LastPasswordChangeDate = DateTime.Now;
MemberService.Save(m);
@@ -105,7 +105,7 @@ namespace Umbraco.Web.Security.Providers
}
member.PasswordQuestion = newPasswordQuestion;
member.PasswordAnswer = EncryptString(newPasswordAnswer);
member.RawPasswordAnswerValue = EncryptString(newPasswordAnswer);
MemberService.Save(member);
@@ -157,7 +157,7 @@ namespace Umbraco.Web.Security.Providers
memberTypeAlias);
member.PasswordQuestion = passwordQuestion;
member.PasswordAnswer = EncryptString(passwordAnswer);
member.RawPasswordAnswerValue = EncryptString(passwordAnswer);
member.IsApproved = isApproved;
member.LastLoginDate = DateTime.Now;
member.LastPasswordChangeDate = DateTime.Now;
@@ -287,12 +287,12 @@ namespace Umbraco.Web.Security.Providers
var encAnswer = EncryptString(answer);
if (RequiresQuestionAndAnswer && m.PasswordAnswer != encAnswer)
if (RequiresQuestionAndAnswer && m.RawPasswordAnswerValue != encAnswer)
{
throw new ProviderException("Incorrect password answer");
}
var decodedPassword = DecryptPassword(m.Password);
var decodedPassword = DecryptPassword(m.RawPasswordValue);
return decodedPassword;
}
@@ -406,14 +406,14 @@ namespace Umbraco.Web.Security.Providers
var encAnswer = EncryptString(answer);
if (RequiresQuestionAndAnswer && m.PasswordAnswer != encAnswer)
if (RequiresQuestionAndAnswer && m.RawPasswordAnswerValue != encAnswer)
{
throw new ProviderException("Incorrect password answer");
}
string salt;
var encodedPassword = EncryptOrHashNewPassword(generatedPassword, out salt);
m.Password = FormatPasswordForStorage(encodedPassword, salt);
m.RawPasswordValue = FormatPasswordForStorage(encodedPassword, salt);
m.LastPasswordChangeDate = DateTime.Now;
MemberService.Save(m);
@@ -507,7 +507,7 @@ namespace Umbraco.Web.Security.Providers
return false;
}
var authenticated = CheckPassword(password, member.Password);
var authenticated = CheckPassword(password, member.RawPasswordValue);
if (authenticated == false)
{