Umbraco-CMS

yv01p/Umbraco-CMS

Fork 0

Commit Graph

Author	SHA1	Message	Date
Sven Geusens	393d178b58	User endpoint additions and corrections (#15773 ) * Make create user endpoint work with the supplied id Return 201 instead of 200 with correct resource identifier * Add ResetPassword endpoint * Bring changepassword route inline with other resource actions * Fixed User endpoints not advertising all their possible response codes/ models Fixed certain endpoints not authorizing targeted user(s) versus the admin needs admin authorization requirement Fixed a user not found response bug for the update flow Fix spacing * Fixed CurrentUser endpoints not advertising all their possible response codes/ models Fix incorrect responseStatus in UserService.GetPermissionsAsync * Update OpenApi definition Fix smal model oversights in previous commits * Update incorrect Response type * Check for duplicate id's in user create validation * Remove unnecasary returnmodel from changepassword Renamed the model to it's remaining usage * rename bad constructor parameter * Renamed method parameters for better readability and usage * Fixed wrong userkey being passed down because of (refactored) bad naming Technically doesn't change anything as the two id's should be the same in this case (reset with token is always for self) * Fixed resetpassword bug * Update openapi * Update src/Umbraco.Core/Services/UserService.cs Co-authored-by: Kenn Jacobsen <kja@umbraco.dk> * Remove old password from change user password request model Only makes sense when doing it for the logged in user => current endpoint --------- Co-authored-by: Sven Geusens <sge@umbraco.dk> Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>	2024-02-29 10:40:48 +01:00
Bjarke Berg	aaca7a5ff4	2FA for users in management API (#15607 ) * Added 2FA management endpoints * Ensure not found do not lead to forbidden results * Do not inherit the requirement to have access to users, from the current user base class * Updated OpenApi.json * Handle 2FA in login scenario (only backend) * Added the endpoint to use for client to post 2FA code * Fixed tests and allow injecting the authentication type settings * fix test build * Fallback to use Constants.Security.BackOfficeAuthenticationType * remove unused variable * Review fixes * Build fix * Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs Co-authored-by: Sven Geusens <geusens@gmail.com> * Handle case where 2fa provider is already setup --------- Co-authored-by: Sven Geusens <geusens@gmail.com>	2024-01-23 18:07:21 +01:00

Author

SHA1

Message

Date

Sven Geusens

393d178b58

User endpoint additions and corrections (#15773 )

* Make create user endpoint work with the supplied id

Return 201 instead of 200 with correct resource identifier

* Add ResetPassword endpoint

* Bring changepassword route inline with other resource actions

* Fixed User endpoints not advertising all their possible response codes/ models

Fixed certain endpoints not authorizing targeted user(s) versus the admin needs admin authorization requirement
Fixed a user not found response bug for the update flow
Fix spacing

* Fixed CurrentUser endpoints not advertising all their possible response codes/ models

Fix incorrect responseStatus in UserService.GetPermissionsAsync

* Update OpenApi definition

Fix smal model oversights in previous commits

* Update incorrect Response type

* Check for duplicate id's in user create validation

* Remove unnecasary returnmodel from changepassword

Renamed the model to it's remaining usage

* rename bad constructor parameter

* Renamed method parameters for better readability and usage

* Fixed wrong userkey being passed down because of (refactored) bad naming

Technically doesn't change anything as the two id's should be the same in this case (reset with token is always for self)

* Fixed resetpassword bug

* Update openapi

* Update src/Umbraco.Core/Services/UserService.cs

Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>

* Remove old password from change user password request model

Only makes sense when doing it for the logged in user => current endpoint

---------

Co-authored-by: Sven Geusens <sge@umbraco.dk>
Co-authored-by: Kenn Jacobsen <kja@umbraco.dk>

2024-02-29 10:40:48 +01:00

Bjarke Berg

aaca7a5ff4

2FA for users in management API (#15607 )

* Added 2FA management endpoints

* Ensure not found do not lead to forbidden results

* Do not inherit the requirement to have access to users, from the current user base class

* Updated OpenApi.json

* Handle 2FA in login scenario (only backend)

* Added the endpoint to use for client to post 2FA code

* Fixed tests and allow injecting the authentication type settings

* fix test build

* Fallback to use Constants.Security.BackOfficeAuthenticationType

* remove unused variable

* Review fixes

* Build fix

* Update src/Umbraco.Cms.Api.Management/Controllers/User/Current/DisableTwoFactorProviderCurrentUserController.cs

Co-authored-by: Sven Geusens <geusens@gmail.com>

* Handle case where 2fa provider is already setup

---------

Co-authored-by: Sven Geusens <geusens@gmail.com>

2024-01-23 18:07:21 +01:00

2 Commits