removes the 2FA store implementation since that will need to be manually enabled

Shannon
2020-12-01 18:14:37 +11:00
parent 4671d9d23b
commit fe5dcd83bb
5 changed files with 73 additions and 107 deletions


@@ -12,6 +12,7 @@ using Umbraco.Core.Mapping;
using Umbraco.Core.Models;
using Umbraco.Core.Models.Identity;
using Umbraco.Core.Models.Membership;
using Umbraco.Core.Scoping;
using Umbraco.Core.Services;
namespace Umbraco.Core.BackOffice
@@ -22,15 +23,17 @@ namespace Umbraco.Core.BackOffice
IUserLoginStore<BackOfficeIdentityUser>,
IUserRoleStore<BackOfficeIdentityUser>,
IUserSecurityStampStore<BackOfficeIdentityUser>,
IUserLockoutStore<BackOfficeIdentityUser>,
IUserTwoFactorStore<BackOfficeIdentityUser>,
IUserLockoutStore<BackOfficeIdentityUser>,
IUserSessionStore<BackOfficeIdentityUser>
// TODO: This would require additional columns/tables for now people will need to implement this on their own
//IUserPhoneNumberStore<BackOfficeIdentityUser, int>,
// TODO: To do this we need to implement IQueryable - we'll have an IQuerable implementation soon with the UmbracoLinqPadDriver implementation
//IQueryableUserStore<BackOfficeIdentityUser, int>
// TODO: This would require additional columns/tables and then a lot of extra coding support to make this happen natively within umbraco
//IUserTwoFactorStore<BackOfficeIdentityUser>,
// TODO: This would require additional columns/tables for now people will need to implement this on their own
//IUserPhoneNumberStore<BackOfficeIdentityUser, int>,
// TODO: To do this we need to implement IQueryable - we'll have an IQuerable implementation soon with the UmbracoLinqPadDriver implementation
//IQueryableUserStore<BackOfficeIdentityUser, int>
{
private readonly IScopeProvider _scopeProvider;
private readonly IUserService _userService;
private readonly IEntityService _entityService;
private readonly IExternalLoginService _externalLoginService;
@@ -38,8 +41,9 @@ namespace Umbraco.Core.BackOffice
private readonly UmbracoMapper _mapper;
private bool _disposed = false;
public BackOfficeUserStore(IUserService userService, IEntityService entityService, IExternalLoginService externalLoginService, IOptions<GlobalSettings> globalSettings, UmbracoMapper mapper)
public BackOfficeUserStore(IScopeProvider scopeProvider, IUserService userService, IEntityService entityService, IExternalLoginService externalLoginService, IOptions<GlobalSettings> globalSettings, UmbracoMapper mapper)
{
_scopeProvider = scopeProvider;
_userService = userService;
_entityService = entityService;
_externalLoginService = externalLoginService;
@@ -168,28 +172,31 @@ namespace Umbraco.Core.BackOffice
throw new InvalidOperationException("The user id must be an integer to work with the Umbraco");
}
// TODO: Wrap this in a scope!
var found = _userService.GetUserById(asInt.Result);
if (found != null)
using (var scope = _scopeProvider.CreateScope())
{
// we have to remember whether Logins property is dirty, since the UpdateMemberProperties will reset it.
var isLoginsPropertyDirty = user.IsPropertyDirty(nameof(BackOfficeIdentityUser.Logins));
if (UpdateMemberProperties(found, user))
var found = _userService.GetUserById(asInt.Result);
if (found != null)
{
_userService.Save(found);
// we have to remember whether Logins property is dirty, since the UpdateMemberProperties will reset it.
var isLoginsPropertyDirty = user.IsPropertyDirty(nameof(BackOfficeIdentityUser.Logins));
if (UpdateMemberProperties(found, user))
{
_userService.Save(found);
}
if (isLoginsPropertyDirty)
{
_externalLoginService.Save(
found.Id,
user.Logins.Select(x => new ExternalLogin(
x.LoginProvider,
x.ProviderKey,
x.UserData)));
}
}
if (isLoginsPropertyDirty)
{
_externalLoginService.Save(
found.Id,
user.Logins.Select(x => new ExternalLogin(
x.LoginProvider,
x.ProviderKey,
x.UserData)));
}
scope.Complete();
}
return Task.FromResult(IdentityResult.Success);
@@ -627,35 +634,6 @@ namespace Umbraco.Core.BackOffice
return user;
}
/// <summary>
/// Sets whether two factor authentication is enabled for the user
/// </summary>
/// <param name="user"/>
/// <param name="enabled"/>
/// <param name="cancellationToken"></param>
/// <returns/>
public virtual Task SetTwoFactorEnabledAsync(BackOfficeIdentityUser user, bool enabled, CancellationToken cancellationToken = default(CancellationToken))
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
user.TwoFactorEnabled = false;
return Task.CompletedTask;
}
/// <summary>
/// Returns whether two factor authentication is enabled for the user
/// </summary>
/// <param name="user"/>
/// <returns/>
public virtual Task<bool> GetTwoFactorEnabledAsync(BackOfficeIdentityUser user, CancellationToken cancellationToken = default(CancellationToken))
{
cancellationToken.ThrowIfCancellationRequested();
ThrowIfDisposed();
return Task.FromResult(false);
}
#region IUserLockoutStore
/// <summary>
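Review bot: In the hunk that wraps the update in `_scopeProvider.CreateScope()`, a missing user still yields `IdentityResult.Success`. When `_userService.GetUserById(asInt.Result)` returns null the `if (found != null)` block is skipped, `scope.Complete()` runs and the method returns success, so a caller relying on this method to persist a change is told it was stored when nothing was written. I would fail before completing the scope, for example `if (found == null) return Task.FromResult(IdentityResult.Failed(new IdentityError { Code = "UserNotFound", Description = "No back office user exists for the supplied id" }));` (the code and description strings are illustrative). The enclosing method starts above the hunk, so its name and any earlier guards are not visible here.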


@@ -318,20 +318,7 @@ namespace Umbraco.Core.BackOffice
void RaiseForgotPasswordChangedSuccessEvent(IPrincipal currentUser, int userId);
SignOutAuditEventArgs RaiseLogoutSuccessEvent(IPrincipal currentUser, int userId);
UserInviteEventArgs RaiseSendingUserInvite(IPrincipal currentUser, UserInvite invite, IUser createdUser);
bool HasSendingUserInviteEventHandler { get; }
event EventHandler<IdentityAuditEventArgs> AccountLocked;
event EventHandler<IdentityAuditEventArgs> AccountUnlocked;
event EventHandler<IdentityAuditEventArgs> ForgotPasswordRequested;
event EventHandler<IdentityAuditEventArgs> ForgotPasswordChangedSuccess;
event EventHandler<IdentityAuditEventArgs> LoginFailed;
event EventHandler<IdentityAuditEventArgs> LoginRequiresVerification;
event EventHandler<IdentityAuditEventArgs> LoginSuccess;
event EventHandler<SignOutAuditEventArgs> LogoutSuccess;
event EventHandler<IdentityAuditEventArgs> PasswordChanged;
event EventHandler<IdentityAuditEventArgs> PasswordReset;
event EventHandler<IdentityAuditEventArgs> ResetAccessFailedCount;
}
}


@@ -340,9 +340,7 @@ namespace Umbraco.Web.BackOffice.Controllers
StatusCode = StatusCodes.Status402PaymentRequired
};
//return verifyResponse;
return verifyResponse;
}
// return BadRequest (400), we don't want to return a 401 because that get's intercepted


@@ -436,17 +436,20 @@ namespace Umbraco.Web.Common.Security
public bool HasSendingUserInviteEventHandler => SendingUserInvite != null;
public event EventHandler<IdentityAuditEventArgs> AccountLocked;
public event EventHandler<IdentityAuditEventArgs> AccountUnlocked;
public event EventHandler<IdentityAuditEventArgs> ForgotPasswordRequested;
public event EventHandler<IdentityAuditEventArgs> ForgotPasswordChangedSuccess;
public event EventHandler<IdentityAuditEventArgs> LoginFailed;
public event EventHandler<IdentityAuditEventArgs> LoginRequiresVerification;
public event EventHandler<IdentityAuditEventArgs> LoginSuccess;
public event EventHandler<SignOutAuditEventArgs> LogoutSuccess;
public event EventHandler<IdentityAuditEventArgs> PasswordChanged;
public event EventHandler<IdentityAuditEventArgs> PasswordReset;
public event EventHandler<IdentityAuditEventArgs> ResetAccessFailedCount;
// TODO: These static events are problematic. Moving forward we don't want static events at all but we cannot
// have non-static events here because the user manager is a Scoped instance not a singleton
// so we'll have to deal with this a diff way i.e. refactoring how events are done entirely
public static event EventHandler<IdentityAuditEventArgs> AccountLocked;
public static event EventHandler<IdentityAuditEventArgs> AccountUnlocked;
public static event EventHandler<IdentityAuditEventArgs> ForgotPasswordRequested;
public static event EventHandler<IdentityAuditEventArgs> ForgotPasswordChangedSuccess;
public static event EventHandler<IdentityAuditEventArgs> LoginFailed;
public static event EventHandler<IdentityAuditEventArgs> LoginRequiresVerification;
public static event EventHandler<IdentityAuditEventArgs> LoginSuccess;
public static event EventHandler<SignOutAuditEventArgs> LogoutSuccess;
public static event EventHandler<IdentityAuditEventArgs> PasswordChanged;
public static event EventHandler<IdentityAuditEventArgs> PasswordReset;
public static event EventHandler<IdentityAuditEventArgs> ResetAccessFailedCount;
/// <summary>
/// Raised when a user is invited
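Review bot: The TODO added above the static events explains why they are static but does not tell a subscriber what it must now do. Because the events are static while the manager is a scoped instance, a handler is shared by every manager instance and stays attached until it is removed. Handlers will presumably be invoked from whichever request raises the event, so they also need to be safe to run concurrently. I would extend the comment with something like `// Handlers are process-wide: detach with -= on dispose and keep no per-request state in them.`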


@@ -1,4 +1,5 @@
using System;
using Microsoft.Extensions.Options;
using System;
using System.Threading.Tasks;
using Umbraco.Core;
using Umbraco.Core.BackOffice;
@@ -14,18 +15,16 @@ namespace Umbraco.Web.Common.Security
/// </summary>
internal class BackOfficeUserManagerAuditer : IDisposable
{
private readonly IBackOfficeUserManager _backOfficeUserManager;
private readonly IAuditService _auditService;
private readonly IUserService _userService;
private readonly GlobalSettings _globalSettings;
private bool _disposedValue;
public BackOfficeUserManagerAuditer(IBackOfficeUserManager backOfficeUserManager, IAuditService auditService, IUserService userService, GlobalSettings globalSettings)
public BackOfficeUserManagerAuditer(IAuditService auditService, IUserService userService, IOptions<GlobalSettings> globalSettings)
{
_backOfficeUserManager = backOfficeUserManager;
_auditService = auditService;
_userService = userService;
_globalSettings = globalSettings;
_globalSettings = globalSettings.Value;
}
/// <summary>
@@ -34,17 +33,18 @@ namespace Umbraco.Web.Common.Security
public void Start()
{
// NOTE: This was migrated as-is from v8 including these missing entries
//_backOfficeUserManager.AccountLocked += ;
//_backOfficeUserManager.AccountUnlocked += ;
_backOfficeUserManager.ForgotPasswordRequested += OnForgotPasswordRequest;
_backOfficeUserManager.ForgotPasswordChangedSuccess += OnForgotPasswordChange;
_backOfficeUserManager.LoginFailed += OnLoginFailed;
//_backOfficeUserManager.LoginRequiresVerification += ;
_backOfficeUserManager.LoginSuccess += OnLoginSuccess;
_backOfficeUserManager.LogoutSuccess += OnLogoutSuccess;
_backOfficeUserManager.PasswordChanged += OnPasswordChanged;
_backOfficeUserManager.PasswordReset += OnPasswordReset;
//_backOfficeUserManager.ResetAccessFailedCount += ;
// TODO: See note about static events in BackOfficeUserManager
//BackOfficeUserManager.AccountLocked += ;
//BackOfficeUserManager.AccountUnlocked += ;
BackOfficeUserManager.ForgotPasswordRequested += OnForgotPasswordRequest;
BackOfficeUserManager.ForgotPasswordChangedSuccess += OnForgotPasswordChange;
BackOfficeUserManager.LoginFailed += OnLoginFailed;
//BackOfficeUserManager.LoginRequiresVerification += ;
BackOfficeUserManager.LoginSuccess += OnLoginSuccess;
BackOfficeUserManager.LogoutSuccess += OnLogoutSuccess;
BackOfficeUserManager.PasswordChanged += OnPasswordChanged;
BackOfficeUserManager.PasswordReset += OnPasswordReset;
//BackOfficeUserManager.ResetAccessFailedCount += ;
}
private IUser GetPerformingUser(int userId)
@@ -138,16 +138,16 @@ namespace Umbraco.Web.Common.Security
{
if (disposing)
{
//_backOfficeUserManager.AccountLocked -= ;
//_backOfficeUserManager.AccountUnlocked -= ;
_backOfficeUserManager.ForgotPasswordRequested -= OnForgotPasswordRequest;
_backOfficeUserManager.ForgotPasswordChangedSuccess -= OnForgotPasswordChange;
_backOfficeUserManager.LoginFailed -= OnLoginFailed;
//_backOfficeUserManager.LoginRequiresVerification -= ;
_backOfficeUserManager.LoginSuccess -= OnLoginSuccess;
_backOfficeUserManager.LogoutSuccess -= OnLogoutSuccess;
_backOfficeUserManager.PasswordChanged -= OnPasswordChanged;
_backOfficeUserManager.PasswordReset -= OnPasswordReset;
//BackOfficeUserManager.AccountLocked -= ;
//BackOfficeUserManager.AccountUnlocked -= ;
BackOfficeUserManager.ForgotPasswordRequested -= OnForgotPasswordRequest;
BackOfficeUserManager.ForgotPasswordChangedSuccess -= OnForgotPasswordChange;
BackOfficeUserManager.LoginFailed -= OnLoginFailed;
//BackOfficeUserManager.LoginRequiresVerification -= ;
BackOfficeUserManager.LoginSuccess -= OnLoginSuccess;
BackOfficeUserManager.LogoutSuccess -= OnLogoutSuccess;
BackOfficeUserManager.PasswordChanged -= OnPasswordChanged;
BackOfficeUserManager.PasswordReset -= OnPasswordReset;
}
_disposedValue = true;
}
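Review bot: `Start()` now attaches instance handlers to static events with `+=`, and nothing stops it running twice or on more than one `BackOfficeUserManagerAuditer` instance. In either case each login, logout and password event would presumably be audited once per subscription, which makes the audit trail harder to trust. A flag at the top of `Start()`, `if (_started) return; _started = true;`, makes a single instance idempotent; how many instances exist depends on the registration, which is not visible here. The static events also keep the auditer reachable until `Dispose` runs with `disposing` true, so the `-=` block in the last hunk is now the only thing that releases it.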