* Turn SlidingExpiration off and only renew cookie of not RemainingSeconds request
Also adds the TicketExpiresClaim before validating the the security stamp, otherwise the claim won't be merged and "dissappear", leading to the user being instantly logged out
Also only EnsureValidSessionId if not RemainingSeconds request, otherwise the session will always be valid, since the remaining seconds request renews it.
* Don't ignore SessionIdClaimType and Cookiepath when merging claims
Besides what the comment used to state these claims are only issued when logging in, leading you to be logged out once the claims are merged, furthermore when we check the session ID we verify that you session has not expired.
* Manually specify Issued and Expires when renewing token
If we don't we lose 30 minutes of our ExpireTimeSpan every time the principal refreshes
* Re-add ignored claims
And use MergeAllClaims on refreshing principal instead.
* EnsureValidSessionId before updating IssuedUtc
* Fix comment
* Update src/Umbraco.Web.BackOffice/Security/ConfigureBackOfficeCookieOptions.cs
Co-authored-by: nikolajlauridsen <nel@umbraco.dk>
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Fixed issue with migration from 8, because the external login table is changed in 9.3, but added in 9.0. we need to use the legacy models when running 9.0 migrations
* Support migration from 8.18 (final state)
* Use lowercase lang folder name for packages lang files
Use lowercase lang folder name for packages lang files to be consistent with Umbraco's casing
* Case insensitive `lang` folder lookup
* Comment grammar
* Setup lower case appl_plugin icons folder path
* Update Constants-SystemDirectories.cs
* Check both casings for the AppPluginIcons path
* Fixed spelling mistake + avoid multiple Exists checks
* Add IsCaseSensitiveFileSystem to IHostingEnvironment
* Add IsCaseSensitiveFileSystem to AspNetCoreHostingEnvironment
* Undo last changes
* Undo last changed
* Add FileSystemUtility
* Only perform second iconPath if OS is case sensitive
* Undo changes
* Undo changes
* Remove filesystem utils file
* Added HostingEnvironmentExtensions.cs
* Use IsCaseSensitiveFileSystem extension method
* Use the Umbraco.Extensions namespace
* Simplify IsCaseSensitiveFileSystem
* Better naming
* Use PluginIcons
* Remove unused using statement
* Delete HostingEnvironmentExtensions.cs
* Update IconService.cs
* Comment clarity
* Update src/Umbraco.Infrastructure/DependencyInjection/UmbracoBuilder.Services.cs
Co-authored-by: Paul Johnson <pmj+github@ologn.co.uk>
Co-authored-by: Paul Johnson <pmj+github@ologn.co.uk>
Co-authored-by: Michael Latouche <michael@crossingpaths.be>
* Store notification z-index in variable
* Only show unordered list if any notifications
* Move notificaion layers to same parent as overlays so layers can be controlled via z-index
* Fix code styling
* Only select ItemIdFieldName and fix exception when variation context is null
* Save hashset instead of making on on each request (indirectly)
Co-authored-by: Bjarke Berg <mail@bergmania.dk>
* Switch a lot of warnings to suggestions until we are able to resolve.
* Make stylecop respect more csharp_style rules
e.g. csharp_using_directive_placement
* Added cheatsheet
* Drop sorting requirements for using directives.
* Added settings for bypassing 2fa for external logins
* Fixed issue with saving roles using member ID before the member had an ID.
* Added missing extension method
* Removed test classes from git
* rollback csproj
Fixes#11951 by changing `UmbracoContext` to be an expression rather than being a static setter thus ensuring the current umbraco context is always returned, rather than a cached version from initial execution
* adding logo as text in replacement of umbraco_logo_white, this will enable existing configuration to continue to work and minimise the breaking change of this PR.
* adjust logo position to fit with logged-in logomark. Allowing for the logo and customised logo to be very wide.
* adding logomark in topbar of backoffice
* login box style
* correction of shadow
* Logo modal, to display more information about the product including linking to the website
* rename to modal
* stop hidden when mouse is out
* Version line without Umbraco
* focus link and use blur as the indication for closing.
* correcting to rgba
* focus and click outside needs a little help to work well
* use @zindexUmbOverlay to ensure right depth going forward.
* adding large logo svg
* append ;
* tidy logo svg file
* adding logo as text in replacement of umbraco_logo_white, this will enable existing configuration to continue to work and minimise the breaking change of this PR.
* adjust logo position to fit with logged-in logomark. Allowing for the logo and customised logo to be very wide.
* adding logomark in topbar of backoffice
* login box style
* correction of shadow
* Logo modal, to display more information about the product including linking to the website
* rename to modal
* stop hidden when mouse is out
* Version line without Umbraco
* focus link and use blur as the indication for closing.
* correcting to rgba
* focus and click outside needs a little help to work well
* use @zindexUmbOverlay to ensure right depth going forward.
* adding large logo svg
* append ;
* tidy logo svg file
