Robert
|
bba58ea0c0
|
Replaced all usages of DisposableObject with DisposableObjectSlim
|
2018-01-10 13:48:55 +01:00 |
|
Shannon Deminick
|
43f369f96f
|
Merge pull request #2306 from Sam7/dev-v7
U4-10453 - Ability to Sync after each external login (using OWIN)
|
2017-12-18 14:42:25 +11:00 |
|
Shannon
|
78f6b8d8bc
|
Fixes up more the the session id validation, makes sure that the GetUserSecondsMiddleWare also validates the session since this is what keeps the user logged in if that option is being used.
|
2017-11-08 23:57:17 +11:00 |
|
Sam Sperling
|
dcdaa8d62d
|
U4-10453 - Ability to Sync after each external login (using OWIN)
Added a new function OnExternalLogin for the ExternalSignInAutoLinkOptions to enable full syncing capabilities for external logins
|
2017-11-06 15:31:36 +11:00 |
|
Shannon
|
019147c1a1
|
Moves the session generation to the BackOfficeCookieAuthenticationProvider which is where it should be, so it only gets generated before the cookie is written. Writes the checking cookie inside of a lock to prevent multiple db and cookie writes that are unecessary.
|
2017-11-03 18:07:17 +11:00 |
|
Shannon
|
782d6100f0
|
Gets user session management tracking via the database including detecting stale sessions, generating and removing them along with cleaning them up. This takes into account legacy code too. The session is revalidated on a one minute threshold per user so that it's not hammering the databse on every request.
|
2017-11-03 17:27:23 +11:00 |
|
Shannon
|
029ace796d
|
Merge remote-tracking branch 'origin/dev-v7' into dev-v7.7
# Conflicts:
# src/Umbraco.Core/Security/BackOfficeUserManager.cs
# src/Umbraco.Web/Security/Providers/UsersMembershipProvider.cs
|
2017-09-18 20:04:05 +10:00 |
|
Shannon
|
8b39f495e5
|
Simplifies the UnlockUser method so we don't have to have it in the BackOfficeUserManager
|
2017-09-18 19:59:23 +10:00 |
|
Shannon
|
e8e0664129
|
Merge remote-tracking branch 'origin/dev-v7' into dev-v7.7, removes the UnlockUser method of BackOfficeUserManager since the membership provider is no longer used to perform any unlocking
|
2017-09-18 19:38:10 +10:00 |
|
Shannon
|
d468e346f1
|
reverts changes made to UmbracoMembershipProvider and adds another virtual internal method that the UsersMembershipProvider overrides, so now all of the event raising is done in the user specific provider.
|
2017-09-18 19:01:00 +10:00 |
|
Shannon
|
2a10eed059
|
Moves raising events for reseting/changing password out of the MembershipHelper ChangePassword method and to the places where it is being called
|
2017-09-18 16:56:43 +10:00 |
|
Sebastiaan Janssen
|
bb88eb155f
|
Merge remote-tracking branch 'origin/dev-v7' into dev-v7.7
# Conflicts:
# src/Umbraco.Core/Security/BackOfficeSignInManager.cs
# src/Umbraco.Core/Security/BackOfficeUserManager.cs
# src/Umbraco.Web/Editors/AuthenticationController.cs
# src/Umbraco.Web/Security/MembershipHelper.cs
# src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
|
2017-09-15 16:34:51 +02:00 |
|
Sebastiaan Janssen
|
b6dbc245e2
|
Merge branch 'dev-v7' into temp-U4-8634
|
2017-09-15 13:57:46 +02:00 |
|
Shannon Deminick
|
85758011b5
|
Merge pull request #2140 from umbraco/temp-U4-10268_2
U4-10268 7.7 Beta - Changing password should be safe by default
|
2017-09-07 22:38:45 +10:00 |
|
Shannon
|
4b7bd6482e
|
Creates new EmailSender which should take the place throughout the codebase for sending emails in the Core. Have replaced most places where SMTP is used directly (but not the notifications part since that is more complicated right now). Added the internal event and special usage so we can raise an event to send an email if smtp is not configured.
|
2017-09-05 18:52:03 +10:00 |
|
Shannon
|
7926a0c676
|
Simplifies the change password logic with the back office so an admin user can easily change another user's password if they have access to the users section. Updates the controllers to populate the modelstate correctly, changes name of HasAppAccess to HasSectionAccess. Ensure we don't have duplicate ysod dialogs when there is an error.
|
2017-09-04 22:03:03 +10:00 |
|
Shannon
|
0e0ab81155
|
Changes AllowManuallyChangingPassword by default to be false
|
2017-09-04 17:26:45 +10:00 |
|
Shannon
|
a608577a4f
|
Merge branch 'dev-v7' into dev-v7.7
# Conflicts:
# src/Umbraco.Core/Constants-Security.cs
# src/Umbraco.Core/Security/BackOfficeUserStore.cs
# src/Umbraco.Core/Services/ContentService.cs
# src/Umbraco.Core/Services/UserService.cs
# src/Umbraco.Tests/App.config
# src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
|
2017-09-04 16:51:20 +10:00 |
|
Sebastiaan Janssen
|
617a91c57e
|
Merge pull request #2119 from umbraco/temp-U4-10274
U4-10274 Umbraco.MemberHasAccess isn't cached
|
2017-09-01 15:45:55 +02:00 |
|
Shannon
|
13e2112c3c
|
U4-10361 Creating new member when AllowManuallyChangingPassword="false" - can't set a password
|
2017-08-29 11:56:38 +10:00 |
|
Shannon
|
2d089033d0
|
U4-10268 7.7 Beta - Changing password should be safe by default
|
2017-08-21 17:01:18 +10:00 |
|
Shannon
|
d8cfd8f12e
|
U4-10274 Umbraco.MemberHasAccess isn't cached
|
2017-08-10 13:46:18 +10:00 |
|
Shannon
|
e29ac4d17c
|
Fixes issue with the change made to WebSecurity.ValidateBackOfficeCredentials ... not sure what i was thinking
|
2017-08-02 16:04:37 +10:00 |
|
Shannon
|
5cd314335c
|
formatting
|
2017-08-02 11:56:11 +10:00 |
|
Shannon
|
241d486e97
|
Merge remote-tracking branch 'origin/dev-v7' into dev-v7.7
# Conflicts:
# src/Umbraco.Web/Security/Identity/FormsAuthenticationSecureDataFormat.cs
|
2017-08-02 11:55:15 +10:00 |
|
Stephan
|
e52adfdd07
|
Merge branch user-group-permissions into temp-U4-8643
|
2017-07-28 10:38:43 +02:00 |
|
Shannon
|
1ccc8cc161
|
U4-10123 Make sure the backoffice login is not susceptible to DOS attacks
|
2017-07-25 19:40:30 +10:00 |
|
Shannon
|
97471f667d
|
Updates the BackOfficeIdentityUser to property support ASP.NET Identity Roles
|
2017-07-20 22:02:32 +10:00 |
|
Shannon
|
7aca656919
|
Merge branch 'user-group-permissions' into temp-U4-10138
# Conflicts:
# src/Umbraco.Core/Models/Identity/BackOfficeIdentityUser.cs
# src/Umbraco.Core/Models/Identity/IdentityModelMappings.cs
|
2017-07-20 20:00:05 +10:00 |
|
Shannon
|
63befa55d5
|
Updates password changing for users to use ASP.NET Identity, there's still some more work here to do to implement the IUserAwarePasswordHashing and to result some of the TODOs. Also moved all password changing logic to PasswordChanger even for legacy membership providers.
|
2017-07-20 12:53:09 +10:00 |
|
Shannon
|
8df00d5525
|
Fixes U4-10111 Changing email on a user doesn't show the username field
|
2017-07-19 19:22:43 +10:00 |
|
Shannon
|
db957c8eaa
|
removes unused method
|
2017-07-19 14:15:30 +10:00 |
|
Shannon
|
b32325bbaa
|
Adds all change tracking to the BackOfficeIdentityUser ensures values are not persisted that are not changed, adds required null checks, removes internal method GetOrCreateBackOfficeUser
|
2017-07-19 14:13:42 +10:00 |
|
Shannon
|
73b107ee2a
|
Fixing U4-10138 Cannot upgrade to 7.7 due to user groups and U4-7907 With non OAuth external login providers we should have an 'auto-link' / 'auto-create' callback option
|
2017-07-18 19:53:34 +10:00 |
|
Claus
|
6a48c1646d
|
checking for uses of userType.
|
2017-07-13 09:26:48 +02:00 |
|
Shannon
|
ff02b28d26
|
Fixes tree for single tree sections, fixes creating a user group so you can select default permissions
|
2017-07-03 16:31:47 +10:00 |
|
Shannon
|
e4edd8f692
|
U4-10053 Review anywhere else in the codebase that may reference User Type
This also removes some totally unused and ancient code
|
2017-06-30 18:14:44 +10:00 |
|
Shannon
|
804c60653e
|
Merge branch 'dev-v7.7' into user-group-permissions
# Conflicts:
# src/Umbraco.Core/Services/UserService.cs
# src/Umbraco.Tests/Services/ContentServiceTests.cs
# src/Umbraco.Web.UI/umbraco/config/lang/en.xml
# src/Umbraco.Web.UI/umbraco/config/lang/nl.xml
|
2017-06-30 16:57:22 +10:00 |
|
Shannon
|
546999e470
|
U4-9946 Update the ExternalSignInAutoLinkOptions to support groups - currently still using UserType
|
2017-06-30 16:50:44 +10:00 |
|
Claus
|
da8c0726b1
|
Merge branch 'U4-5454' of git://github.com/trt/Umbraco-CMS into temp-U4-5454
|
2017-06-29 08:59:45 +02:00 |
|
Shannon
|
0cd871241f
|
Gets password reset working, gets more server side validation wired up
|
2017-06-23 16:38:39 +10:00 |
|
Shannon
|
692dc66684
|
You can now change the user password in the user editor
|
2017-06-23 14:08:58 +10:00 |
|
Shannon
|
cec829774e
|
Merge remote-tracking branch 'origin/dev-v7' into user-group-permissions
# Conflicts:
# src/Umbraco.Core/Persistence/Repositories/ContentRepository.cs
# src/Umbraco.Web/Cache/DataTypeCacheRefresher.cs
|
2017-06-20 17:09:52 +10:00 |
|
Shannon
|
a62426a763
|
Gets email sending ensures user is logged in with verifying but is only partially logged in and cannot access the back office, they can only access the verification screen
|
2017-06-14 16:21:56 +02:00 |
|
Shannon
|
2ee34d5c48
|
updates user models
|
2017-06-05 23:25:33 +02:00 |
|
Sebastiaan Janssen
|
74126134b1
|
Some more cleanup
|
2017-06-05 12:07:45 +02:00 |
|
Sebastiaan Janssen
|
727250d2ab
|
Removing AccountCreated and AccountUpdated for now, is the responsibility of UserService
|
2017-06-04 16:55:23 +02:00 |
|
Sam Sperling
|
b5c2fc82bb
|
U4-9973 Remove sealed modifier from ExternalSignInAutoLinkOptions class
|
2017-06-02 11:43:06 +10:00 |
|
Shannon
|
dec9422531
|
Updated DB and business logic to support multiple starts nodes for a user and for user groups to have start nodes - U4-9915 User Groups will have a start node assigned and Users can have multiple start nodes assigned
|
2017-05-25 02:03:41 +10:00 |
|
Shannon
|
38837049f0
|
adds invite user endpoint with a controller test!
|
2017-05-24 19:01:01 +10:00 |
|