yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
19,396 Commits 4 Branches 7 Tags
37b6b425701aa6564ec1fbfa12377004ed9b612f
Commit Graph

252 Commits

Author SHA1 Message Date
Sebastiaan Janssen
617a91c57e Merge pull request #2119 from umbraco/temp-U4-10274 
U4-10274 Umbraco.MemberHasAccess isn't cached
 2017-09-01 15:45:55 +02:00
Shannon
13e2112c3c U4-10361 Creating new member when AllowManuallyChangingPassword="false" - can't set a password 2017-08-29 11:56:38 +10:00
Shannon
d8cfd8f12e U4-10274 Umbraco.MemberHasAccess isn't cached 2017-08-10 13:46:18 +10:00
Shannon
1ccc8cc161 U4-10123 Make sure the backoffice login is not susceptible to DOS attacks 2017-07-25 19:40:30 +10:00
Claus
da8c0726b1 Merge branch 'U4-5454' of git://github.com/trt/Umbraco-CMS into temp-U4-5454 2017-06-29 08:59:45 +02:00
Sam Sperling
b5c2fc82bb U4-9973 Remove sealed modifier from ExternalSignInAutoLinkOptions class 2017-06-02 11:43:06 +10:00
Shannon
46dd86c745 Moves logic for checking if the current user (based on the current thread) is an admin and in which case can reset the password to an extension method 2017-04-18 20:09:27 +10:00
Sebastiaan Janssen
b1c6276a67 U4-7009 Changing passwords design oversight 2017-04-11 20:53:34 +02:00
Shannon
86021c5052 Adds remaining core methods to make 2FA providers work if you know how to wire it up 2017-02-03 00:47:28 +11:00
Shannon
6b038186be Fixes SignalR registration, the mapping was registered in the wrong place and too early so security was not working, bumps version for MyGet 2017-01-03 13:11:05 +11:00
Shannon
95187becaf bumps to next alpha for MyGet 2017-01-03 11:50:29 +11:00
Stephan
cb09681cb0 Merge remote-tracking branch 'origin/dev-v7' into dev-v7.6 2016-12-13 10:36:33 +01:00
gmargol
bab4c7715d Adding optional isApproved parameter instead of hardcoding 'true' value 2016-11-03 11:21:53 +00:00
Tom Pipe
0a49d54a85 Fixed issue with member properties sort order 2016-10-29 18:23:25 +01:00
Stephan
20fc78419e Refactor / fix SignalR integration, add nuspec dependency 2016-10-19 15:07:48 +02:00
Shannon
893c2a99be adds some comments 2016-09-08 09:30:13 +02:00
Shannon
2ff3ce933b U4-8850 Configuring a custom BackOfficeUserManager type will not work if the type is not specifically BackOfficeUserManager 2016-08-12 12:20:00 +02:00
Shannon
e3b9a45435 Updates public APIs to enable umbraco cookie auth so devs can specify their own cookie options if required. 2016-07-18 10:09:46 +02:00
Shannon
506ed9f866 U4-8286 Add OWIN startup events to the UmbracoDefaultOwinStartup class 2016-04-07 17:51:09 +02:00
Shannon
9e3d7a1cce updates default pipeline marker stage for the preview middleware, updates MembershipHelper to not throw an exception if the Role manager is disabled. 2016-03-18 11:05:39 +01:00
Shannon
2f9b526465 Only apply preview auth if Umbraco is fully configured 2016-03-16 10:41:33 +01:00
Shannon
af1fe425a2 udpates ext method to specify an explicit marker stage, updates UmbracoDefaultOwinStartup to be more flexible with the methods to override. 2016-03-09 19:37:37 +01:00
Shannon
22385d40db U4-4219 Can't Preview protected pages 2016-03-09 17:35:50 +01:00
Sebastiaan Janssen
42a68cb770 U4-7494 Installation Fails for 7.3.3 - Intermittent - Value cannot be null. Parameter name: sqlSyntax 2016-02-16 14:00:28 +01:00
Shannon
e423864781 Merge remote-tracking branch 'origin/master-v7' into dev-v7 
Conflicts:
	build/UmbracoVersion.txt
	src/SolutionInfo.cs
	src/Umbraco.Core/Cache/FullDataSetRepositoryCachePolicy.cs
	src/Umbraco.Core/Cache/FullDataSetRepositoryCachePolicyFactory.cs
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/DomainRepository.cs
	src/Umbraco.Core/Persistence/Repositories/LanguageRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MediaTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PublicAccessRepository.cs
	src/Umbraco.Core/Persistence/Repositories/TemplateRepository.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/Cache/FullDataSetCachePolicyTests.cs
	src/Umbraco.Web.UI.Client/src/common/directives/components/grid/grid.rte.directive.js
	src/Umbraco.Web.UI.Client/src/less/hacks.less
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web/WebBootManager.cs
 2016-02-03 12:30:11 +01:00
Shannon
6583ff4439 U4-7821 KeepUserLoggedIn with a long umbracoTimeOutInMinutes has logout issues 2016-02-02 12:12:51 +01:00
Shannon
dca6f2b42a fixes build 2016-01-06 10:47:58 +01:00
Shannon
b0060a9592 Merge remote-tracking branch 'origin/dev-v7' into 7.4.0 
Conflicts:
	build/InstallGit.cmd
	build/UmbracoVersion.txt
	src/SolutionInfo.cs
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/config/lang/nb.xml
	src/Umbraco.Web/Editors/DataTypeValidateAttribute.cs
	src/Umbraco.Web/Security/Identity/UmbracoBackOfficeCookieAuthOptions.cs
	src/Umbraco.Web/WebServices/SaveFileController.cs
 2016-01-06 10:46:38 +01:00
Shannon
d08f4230c8 U4-7538 GetRemainingTimeoutSeconds is double setting the cookie in 7.4 2016-01-05 12:35:06 +01:00
Shannon
887bbdc3b0 dont' set applicationcontext to null on dispose for request based lifespan instances since applicationcontext is a singleton lifespan. 2015-12-17 11:32:50 +01:00
Shannon
3f796791cc uses the main property value instead of the param 2015-12-15 17:17:11 +01:00
Shannon
b74cab6f0b U4-7538 GetRemainingTimeoutSeconds is double setting the cookie in 7.4 2015-12-15 16:56:31 +01:00
Shannon
8598ab565c Fixes: U4-7536 Sign-out in back office will call all ASP.Net identity middleware sign out methods 
publicises a few things too.
 2015-12-15 10:34:11 +01:00
Shannon
87100feb3d Fixes: U4-7467 Umbraco 7.3.2 Clean install, OWIN error after database creation and bumps version 2015-11-27 21:23:24 +01:00
Shannon
c4860a490f Ensures that GetUserSecondsMiddleWare uses the SystemClock for UTC Now, ensures that it only extends the ticket when necessary and not everytime this middleware is called - the same logic that OWIN normally renews tickets with, this means the cookie is not written everytime this request is made. 2015-11-27 16:43:02 +01:00
Shannon
8e6bbc3df9 Ensures that written cookies are done so consistently based on the UmbracoBackOfficeCookieAuthOptions. Ensures that when a webforms page requests token renewal that the token is not always renewed for the request, it checks if the tokens expiry correctly and only renews when necessary so the cookie is not written each time. Fixes the ForceRenewalCookieAuthenticationHandler to only write a cookie if the request is for a request that is not normally auth'd (i.e. is a webforms form that exists outside the normal /umbraco path ... legacy). 2015-11-27 16:25:39 +01:00
Shannon
fd66f08520 Fixes setting auth cookie during install, removes some try/catch/swallow with some error messaging, converts some String -> string and == false updates. 2015-11-26 13:07:22 +01:00
Shannon
6d0aa824ad U4-7307 Windows Authentication prompts for Windows login after Umbraco login 2015-11-24 16:31:18 +01:00
Shannon
555b520a0c Cleans up the usages of auth cookies. OWIN is in charge of auth cookies but because we have Webforms, WebApi, MVC and OWIN, they all like to deal with cookies differently. OWIN should still be solely in charge of the auth cookies, so the auth extensions are cleaned up, the renewal now works by queuing the renewal and we have custom middleware detect if a force renewal has been queued and we renew the auth cookie there. Have obsoleted a few methods that should not be used that write auth tickets directly (this is purely for backwards compat with webforms). All of these changes now ensure that the auth cookie is renewed consistently between Webforms, WebApi, MVC and OWIN. Some changes also include ensuring that OWIN is used to sign out. 2015-11-19 18:12:21 +01:00
Shannon
71ec09486d Reverts the 'fix' from U4-7118 since it is incorrect. Updates the sliding expiration of the cookie/ticket when the user is supposed to be always logged in to 30 minutes in case the timeout is actually set very low in config. 2015-11-19 14:17:06 +01:00
Stephan
f5f9cb676c Fix CultureInfo leak in UmbracoApplicationBase too. 2015-11-17 16:54:24 +01:00
Shannon
bbbea99ced removes redundant null check. 2015-11-09 10:56:07 +01:00
Shannon
3d213342bf Fixes: U4-7353 OAuth providers for the back office require more flexibility with Challenge Results 2015-11-09 10:42:15 +01:00
Stephan
cfab30a1ef Fix thread CultureInfo issue breaking PetaPoco 2015-10-31 12:47:03 +01:00
m_stodd
7abbfbcfcc Setting UMB_CONTEXT with Domain "FALSE" 
Running Umbraco on localhost, Chrome does not handle received 'Set Cookie's with no domain.  "FALSE" works as noted here:  http://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
 2015-09-18 02:13:12 -05:00
Shannon
779dd26527 Fixes: U4-6969 Property label localization in 7.3 always uses en-US locale 2015-09-16 15:22:40 +02:00
Shannon
b0fb892b16 Fixes: U4-6736 Log "logout" from Umbraco and also ensures logging is occuring on timeout, logout, login all with Identity stuff. 2015-07-23 12:03:50 +02:00
Stephan
db0cfad6b9 Merge 7.2.7 into dev-v7 
Conflicts:
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Tests/packages.config
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/packages.config
	src/umbraco.MacroEngines/packages.config
	src/umbraco.cms/packages.config
	src/umbraco.cms/umbraco.cms.csproj
	src/umbraco.controls/umbraco.controls.csproj
	src/umbraco.editorControls/umbraco.editorControls.csproj
 2015-07-14 19:57:56 +02:00
Sebastiaan Janssen
7bc208e490 U4-6825 Can't blank out values using the built-in EditProfile snippet 
#U4-6825 Fixed
 2015-07-14 15:32:08 +02:00
Shannon
eddd643249 ensures that when setting the PropertyType's property on a PropertyGroup that the PropertyGroupId is set and updates an auth method to ensure that the correct identity type is returned. 2015-07-13 15:52:21 +02:00