yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
28,899 Commits 4 Branches 7 Tags
ed8ba3ddcf78369056f469d0ef163441a251ec00
Commit Graph

408 Commits

Author SHA1 Message Date
m_stodd
7abbfbcfcc Setting UMB_CONTEXT with Domain "FALSE" 
Running Umbraco on localhost, Chrome does not handle received 'Set Cookie's with no domain.  "FALSE" works as noted here:  http://stackoverflow.com/questions/1134290/cookies-on-localhost-with-explicit-domain
 2015-09-18 02:13:12 -05:00
Shannon
779dd26527 Fixes: U4-6969 Property label localization in 7.3 always uses en-US locale 2015-09-16 15:22:40 +02:00
Shannon
b0fb892b16 Fixes: U4-6736 Log "logout" from Umbraco and also ensures logging is occuring on timeout, logout, login all with Identity stuff. 2015-07-23 12:03:50 +02:00
Stephan
db0cfad6b9 Merge 7.2.7 into dev-v7 
Conflicts:
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Tests/packages.config
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/packages.config
	src/umbraco.MacroEngines/packages.config
	src/umbraco.cms/packages.config
	src/umbraco.cms/umbraco.cms.csproj
	src/umbraco.controls/umbraco.controls.csproj
	src/umbraco.editorControls/umbraco.editorControls.csproj
 2015-07-14 19:57:56 +02:00
Sebastiaan Janssen
7bc208e490 U4-6825 Can't blank out values using the built-in EditProfile snippet 
#U4-6825 Fixed
 2015-07-14 15:32:08 +02:00
Shannon
eddd643249 ensures that when setting the PropertyType's property on a PropertyGroup that the PropertyGroupId is set and updates an auth method to ensure that the correct identity type is returned. 2015-07-13 15:52:21 +02:00
Shannon
53a0c55b14 Implements SignInManager, implements lock out policy for user manager, allows for better implementation of 2 factor auth for developers. Updates to latest owin libs. 2015-07-01 17:07:29 +02:00
Shannon
56315768e9 updates method name 2015-06-26 17:04:40 +02:00
Shannon
b42959f663 Gets U4-6753 Identity support must have an option to enable auto-linked accounts working 2015-06-26 16:59:40 +02:00
Shannon
7c96f95491 Fixes: U4-6723 User timeout in the back office is an issue with new ASP.Net identity implementation 2015-06-18 19:16:49 +02:00
Shannon
2f80d5466d Merge branch '7.3.0' of https://github.com/umbraco/Umbraco-CMS into 7.3.0 2015-06-09 12:17:53 +02:00
Shannon
e90766ad06 Ensures that during install that we don't enable the identity user manager or cookie auth since no db tables exist, fixes the IsUpgrading check to check for actual valid tables 2015-06-09 12:17:45 +02:00
Stephan
379c629e9c U4-6683 - TEMP workaround enabling upgrade to 7.3 2015-06-08 22:50:48 +02:00
Shannon
95ff94c532 Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	src/Umbraco.Core/packages.config
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
	src/Umbraco.Web/Editors/AuthenticationController.cs
	src/Umbraco.Web/packages.config
 2015-05-11 12:26:53 +10:00
Shannon
d94b334375 Moves login logging to the provider level 2015-05-11 12:22:56 +10:00
Shannon
cd2f512284 moves auth server classes to the identity extensions sln 2015-05-04 11:02:23 +10:00
Shannon
c3ca651e4a Renames a few things to shorten names 2015-04-10 16:55:04 +10:00
Shannon
f2e319a01f Updates the UmbracoBackOfficeIdentity to have better support for claims and adds unit tests for it. Creates OwinLogger's and methods to apply them. Updates security methods to ensure that a UmbracoBackOfficeIdentity is returned even from a normal ClaimsIdentity which will be the case with bearer tokens. Updates the angular anti-forgery checker to be ignore if the auth type is not cookie based. Adds a simple token server provider that people can use if they want. Now token authentication is working. 2015-04-10 14:22:09 +10:00
Shannon
a321d4d1b8 Allows the ability to use external logins to login to authorize upgrades, this means being able to add reserved paths at startup dynamically which is now built in as part of the AuthenticationOptionsExtensions for registering external logins for the back office. 2015-04-02 14:46:53 +11:00
Shannon
a43847bc8b Adds IsUpgrading method to ApplicationContext and fixes AppBuilderExtensions checks since we need a user manager when upgrading 2015-04-01 16:12:32 +11:00
Shannon
6efd14eff3 Updates the startup auth code extension methods to better support extensibility so people could override the default user store or manager in order to implement some interfaces that we currently don't. 2015-04-01 13:42:31 +11:00
Shannon
e468492064 Updates back office ext methods to include the CallbackPath which is key to make multi-tenanted work and ensures that the back office providers are linked with the umbraco back office external cookie provider. Adds some docs about it too. Updates the web.config templates to ensure the correct assembly redirects. 2015-04-01 13:42:29 +11:00
Shannon
880c9cf679 Updates back office extensions to use AuthenticationDescriptionOptionsExtension to configure the options for umb back office 2015-04-01 13:42:19 +11:00
Shannon
bf59510c68 Removes setting the default sign in auth type - this is a user setting, we cannot modify that. 2015-04-01 13:42:16 +11:00
Shannon
86833aa8bf Updates the back office external cookie name to be consistently cased with the other back office cookie names 2015-04-01 13:42:11 +11:00
Shannon
4dcc4807ed Implements IUserSecurityStore and ensures there is a security stamp token in place, have updated the repository layer to manual update this if ASPNet Identity APIs are not used to update users. 2015-04-01 13:42:09 +11:00
Shannon
90b562a0a1 Update the PostLogin method to write the auth ticket the way that webapi is supposed to, not sure how this was actually working before because writing cookies directly with HttpContext and then also using WebApi normally doesn't work (maybe in very specific circumstances), so now the cookie writing is done consistently and it is working, prior to this i was getting lots of issues with the xsrf tokens. Updated some user model mappings for convenience and update naming conventions for some properties of the BackOfficeIdentityUser for consistency. 2015-04-01 13:42:07 +11:00
Shannon
5a88ff774c adds overload to specify custom backoffice user store for custom implementations (i.e. 2 factor auth, etc...) 2015-04-01 13:41:57 +11:00
Shannon
b269760b21 removes the BackOfficeRoleManager since we don't use roles in the back office (sections i suppose) and we can't dynamically just create them, that doesn't make sense. 2015-04-01 13:41:55 +11:00
Shannon
2d72a66879 Updates OwinStartup and split the methods into an extension methods file complete with documentation on how to implement the providers. Tested the microsoft provider. Now to clean things up: remove the 3rd party package installs to be ready for shipping, ensure that the user parts are extensible enough for people to plugin their own interfaces. 2015-04-01 13:41:50 +11:00
Shannon
7dc50fda26 moves NaiveSessionCache to web proj 2015-04-01 13:41:48 +11:00
Shannon
4b156ba27e Starts stubbing out role manager code 2015-04-01 13:41:43 +11:00
Shannon
52c4d80cfc more identity awesome 2015-04-01 13:41:33 +11:00
Shannon
5d4d209030 Gets external cookies working with a custom auth type (so we don't interfere with the 'default') 2015-04-01 13:41:31 +11:00
Shannon
d9f453d860 Gets the user store up to date with the correct queries. 2015-04-01 13:41:28 +11:00
Shannon
8c51e8bad8 Implements IExternalLoginService and the db table, implements more logic to start enabling this to work in the back office, need to implement the rest of the userstore and then implement a way once logged in to the back office to allow users to link their accounts with external logins. Currently if an external login is detected during startup and it has not been linked we'll throw an exception. Very very close to making this all work nicely. 2015-04-01 13:41:26 +11:00
Shannon
927add6f44 Updates UmbracoBackOfficeIdentity to add claims and adds a new ctor so people can create an identity manually - this is really the key, by doing this we'd already be able to have 3rd party authentication happening. Ensures our custom secure data format persists the user data 2015-04-01 13:41:21 +11:00
Shannon
48317d7e61 massively simplifies the cookie handling, we don't use our own and just use the defaults, the trick to not validating everything is to use the cookie path. This does mean that each clientside request will also be validated but there's no way to override this behavior in identity currently, the cookie handler is internal so unless we copy/paste all of it's code can't do much about that. 2015-04-01 13:41:18 +11:00
Shannon
93df2edec2 Initial install which now uses Identity middleware to perform the back office auth (no longer done in our module). Created custom data secure classes that use the legacy Forms auth logic for backwards compat. This means that the cookie can still be written the old way and still auth the new way if required. Now need to clean a lot of this up. 2015-04-01 13:41:16 +11:00
Shannon
028ddfe290 Starts adding asp.net identity 2015-04-01 13:41:13 +11:00
Shannon
d3eff734aa Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	build/UmbracoVersion.txt
	src/Umbraco.Core/Configuration/UmbracoVersion.cs
	src/Umbraco.Core/CoreBootManager.cs
	src/Umbraco.Core/Models/Template.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/PropertyEditors/ParameterEditorResolver.cs
	src/Umbraco.Core/PropertyEditors/PropertyEditorResolver.cs
	src/Umbraco.Core/Services/LocalizedTextService.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/Plugins/TypeFinderTests.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web/Editors/BackOfficeController.cs
	src/Umbraco.Web/Models/ContentExtensions.cs
	src/Umbraco.Web/PublishedContentExtensions.cs
	src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
	src/Umbraco.Web/Scheduling/Scheduler.cs
	src/Umbraco.Web/Umbraco.Web.csproj
 2015-03-19 17:37:00 +11:00
Shannon
e5cf7b089c oops, added timeouts where they cannot exist for request cache, fixes build 2015-03-19 14:47:08 +11:00
Shannon
b9082cf390 Fixes our usages of GetCacheItem so that there is a timeout, this is needed otherwise memory won't be given back unless memory gets too high where in fact for most of these we want to give it back as soon as possible if it isn't being used. 2015-03-19 14:00:48 +11:00
Shannon
9a042fbbdf Removes the assignment of the DefaultPermissions property since this is auto assigned in the ctor (and should be assignable) 2015-03-03 19:40:37 +11:00
Shannon
c760a7c50d Merge branch 'dev-v7-7.3.0-UmbHelperInterfaces' of https://github.com/Shazwazza/Umbraco-CMS into Shazwazza-dev-v7-7.3.0-UmbHelperInterfaces 
Conflicts:
	src/Umbraco.Web/Umbraco.Web.csproj
 2015-02-18 17:14:55 +01:00
Shannon
428df7ae4a Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web/Umbraco.Web.csproj
 2015-02-17 15:11:10 +01:00
Shannon
80f81ce379 fixes: U4-6255 Add configurable option in base membership providers to toggle AllowManuallyChangingPassword 2015-02-12 15:58:11 +11:00
Shannon
5a76e380de Adds some extension methods, updates the PCR to not use the legacy access class... this actually also reduces a db lookup, made it not depenent on singletons. 2015-01-28 19:27:08 +11:00
Shannon
da778e277f Fixes: U4-6093 ContentService.SaveAndPublishDo changes Culture 2015-01-12 21:45:52 +11:00
Shannon
db087a9e78 pretty much got 5966 working just need to do some more tests. 2014-12-17 17:08:12 +11:00