yv01p/Umbraco-CMS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
13,413 Commits 4 Branches 7 Tags
fbc08d66f1ce98caec5eec6ba1bdc7c2dfd4d58f
Commit Graph

93 Commits

Author SHA1 Message Date
Shannon
9b054eaa47 Adds native ability to be able to fallback to default password checking if specifying a custom IBackOfficeUserPasswordChecker 2015-10-26 14:51:19 +01:00
Shannon
96c087d00f adds a ctor to the BackOfficeUserManager to allow better inheritance so that all settings are initialized by default, changes init method to be protected so other devs can use it. Adds a new property for devs to use to more easily extend the logic to just validate the username/password. 2015-10-22 18:40:20 +02:00
Shannon
779dd26527 Fixes: U4-6969 Property label localization in 7.3 always uses en-US locale 2015-09-16 15:22:40 +02:00
Shannon
b0fb892b16 Fixes: U4-6736 Log "logout" from Umbraco and also ensures logging is occuring on timeout, logout, login all with Identity stuff. 2015-07-23 12:03:50 +02:00
Shannon
d0c4b2ab72 Fixes user lockout with aspnet identity 2015-07-01 18:02:58 +02:00
Shannon
53a0c55b14 Implements SignInManager, implements lock out policy for user manager, allows for better implementation of 2 factor auth for developers. Updates to latest owin libs. 2015-07-01 17:07:29 +02:00
Shannon
b42959f663 Gets U4-6753 Identity support must have an option to enable auto-linked accounts working 2015-06-26 16:59:40 +02:00
Shannon
95ff94c532 Merge branch 'dev-v7' into 7.3.0 
Conflicts:
	src/Umbraco.Core/packages.config
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web.UI/umbraco/config/lang/en_us.xml
	src/Umbraco.Web/Editors/AuthenticationController.cs
	src/Umbraco.Web/packages.config
 2015-05-11 12:26:53 +10:00
Shannon
d94b334375 Moves login logging to the provider level 2015-05-11 12:22:56 +10:00
Shannon
5a3b97c669 puts the claim validation back in (needs to be there, took it out for testing) 2015-04-15 20:38:04 +10:00
Shannon
442160bb7a fixes identity conversion when it's just a generic identity and not auth'd, we can never convert to back office identity if it's not auth'd 2015-04-15 17:03:12 +10:00
Shannon
f2e319a01f Updates the UmbracoBackOfficeIdentity to have better support for claims and adds unit tests for it. Creates OwinLogger's and methods to apply them. Updates security methods to ensure that a UmbracoBackOfficeIdentity is returned even from a normal ClaimsIdentity which will be the case with bearer tokens. Updates the angular anti-forgery checker to be ignore if the auth type is not cookie based. Adds a simple token server provider that people can use if they want. Now token authentication is working. 2015-04-10 14:22:09 +10:00
Shannon
6efd14eff3 Updates the startup auth code extension methods to better support extensibility so people could override the default user store or manager in order to implement some interfaces that we currently don't. 2015-04-01 13:42:31 +11:00
Shannon
86833aa8bf Updates the back office external cookie name to be consistently cased with the other back office cookie names 2015-04-01 13:42:11 +11:00
Shannon
4dcc4807ed Implements IUserSecurityStore and ensures there is a security stamp token in place, have updated the repository layer to manual update this if ASPNet Identity APIs are not used to update users. 2015-04-01 13:42:09 +11:00
Shannon
90b562a0a1 Update the PostLogin method to write the auth ticket the way that webapi is supposed to, not sure how this was actually working before because writing cookies directly with HttpContext and then also using WebApi normally doesn't work (maybe in very specific circumstances), so now the cookie writing is done consistently and it is working, prior to this i was getting lots of issues with the xsrf tokens. Updated some user model mappings for convenience and update naming conventions for some properties of the BackOfficeIdentityUser for consistency. 2015-04-01 13:42:07 +11:00
Shannon
5a88ff774c adds overload to specify custom backoffice user store for custom implementations (i.e. 2 factor auth, etc...) 2015-04-01 13:41:57 +11:00
Shannon
b269760b21 removes the BackOfficeRoleManager since we don't use roles in the back office (sections i suppose) and we can't dynamically just create them, that doesn't make sense. 2015-04-01 13:41:55 +11:00
Shannon
3efd038906 implements IUserRoleStore for sections for users 2015-04-01 13:41:52 +11:00
Shannon
4b156ba27e Starts stubbing out role manager code 2015-04-01 13:41:43 +11:00
Shannon
52c4d80cfc more identity awesome 2015-04-01 13:41:33 +11:00
Shannon
d9f453d860 Gets the user store up to date with the correct queries. 2015-04-01 13:41:28 +11:00
Shannon
8c51e8bad8 Implements IExternalLoginService and the db table, implements more logic to start enabling this to work in the back office, need to implement the rest of the userstore and then implement a way once logged in to the back office to allow users to link their accounts with external logins. Currently if an external login is detected during startup and it has not been linked we'll throw an exception. Very very close to making this all work nicely. 2015-04-01 13:41:26 +11:00
Shannon
d4b21243ca Allows external logins to be listed on login page, updates BackOfficeController with actions for invoking them. 2015-04-01 13:41:24 +11:00
Shannon
927add6f44 Updates UmbracoBackOfficeIdentity to add claims and adds a new ctor so people can create an identity manually - this is really the key, by doing this we'd already be able to have 3rd party authentication happening. Ensures our custom secure data format persists the user data 2015-04-01 13:41:21 +11:00
Shannon
48317d7e61 massively simplifies the cookie handling, we don't use our own and just use the defaults, the trick to not validating everything is to use the cookie path. This does mean that each clientside request will also be validated but there's no way to override this behavior in identity currently, the cookie handler is internal so unless we copy/paste all of it's code can't do much about that. 2015-04-01 13:41:18 +11:00
Shannon
93df2edec2 Initial install which now uses Identity middleware to perform the back office auth (no longer done in our module). Created custom data secure classes that use the legacy Forms auth logic for backwards compat. This means that the cookie can still be written the old way and still auth the new way if required. Now need to clean a lot of this up. 2015-04-01 13:41:16 +11:00
Shannon
da778e277f Fixes: U4-6093 ContentService.SaveAndPublishDo changes Culture 2015-01-12 21:45:52 +11:00
Shannon
ad66613011 Updates ValidateCurrentUser so that it doesn't re-decrypt the cookie since that is already done, it just needs to check if the current user is authenticated and if it is a back office identity. Added lots of notes for extension points when we start looking at extending how the back office auth works. 2014-12-05 10:29:18 +11:00
Sebastiaan Janssen
db22dfcf7d #U4-5337 fixed Due in version: 7.1.5,6.2.2 
Too easy to lock yourself out of the backoffice
 2014-08-12 11:05:25 +02:00
Shannon
f3c7533796 Potentially fixes U4-5069 Deadlock occurring in MemberService.GetByUsername 2014-07-01 10:43:44 +10:00
Shannon
ac88da4188 Fixes: U4-4856 ApplicationContext.Current.Services.ContentService.Save throw exception 2014-05-12 14:32:34 +10:00
Shannon
d264792e18 Fixes: U4-4819 Publicize AuthenticationExtensions 2014-05-06 18:15:38 +10:00
Shannon
e0c3eda675 Merge remote-tracking branch 'origin/6.2.0' into 7.1.2 
Conflicts:
	src/Umbraco.Core/Configuration/UmbracoSettings.cs
	src/Umbraco.Core/Models/PropertyExtensions.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IMemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MediaRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Security/MembershipProviderBase.cs
	src/Umbraco.Core/Services/ContentService.cs
	src/Umbraco.Core/Services/MediaService.cs
	src/Umbraco.Core/Services/PackagingService.cs
	src/Umbraco.Tests/Models/DataValueSetterTests.cs
	src/Umbraco.Web.UI/web.Template.config
	src/umbraco.cms/businesslogic/media/Media.cs
	src/umbraco.cms/businesslogic/member/Member.cs
 2014-04-29 13:06:10 +10:00
Shannon
2f53698bc5 Fixes: U4-4766 UmbracoMembershipProvider.ChangePassword() is seal, what might be a breaking change? 2014-04-28 19:19:48 +10:00
Shannon
c32cae16db Fixes: U4-4696 Macro personalized cache with custom membership provider not working - for any membership provider regardless of provider user key type 2014-04-24 12:14:06 +10:00
Shannon
e10e04aabf Fixes: U4-4696 Macro personalized cache with custom membership provider not working - for any membership provider regardless of provider user key type 2014-04-24 12:12:06 +10:00
Shannon
4d13925e3b Fixes merge issues 2014-03-18 19:05:07 +11:00
Shannon
02481dcfba Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Configuration/UmbracoSettings.cs
 2014-03-18 18:53:04 +11:00
Shannon
caad775399 Removes the User membership provider name constant - it is not a constant, this value is configurable! 2014-03-18 18:52:17 +11:00
Shannon
fd14065f14 Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/MembershipUserExtensions.cs
	src/Umbraco.Core/Persistence/Factories/MemberFactory.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Mappers/MemberMapper.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Tests/Services/ContentServiceTests.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedMember.cs
	src/Umbraco.Tests/TestHelpers/Entities/MockedUser.cs
	src/Umbraco.Web.UI/install/steps/DefaultUser.ascx.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Routing/PublishedContentRequestEngine.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/umbraco.presentation/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/install/steps/LegacyClasses.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/channels/UmbracoMetaWeblogAPI.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/member.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/memberTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/userTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dashboard/ChangePassword.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/webservices/MediaUploader.ashx.cs
 2014-03-18 18:47:49 +11:00
Shannon
8dd950bd52 Ensures all access to the users membership provider is done with our extension method 2014-03-18 17:22:25 +11:00
Shannon
e2881e07d1 Ensures that all calls to the members membership provider are done so explicitly with the membership provider alias - this decouples the need to have the umbraco membership provider declared as the default, we were doing both before. 2014-03-18 17:08:21 +11:00
Shannon
3c3f2d7c8d Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Constants-Conventions.cs
	src/Umbraco.Core/DateTimeExtensions.cs
	src/Umbraco.Core/Models/PropertyType.cs
	src/Umbraco.Core/Persistence/Factories/MemberTypeReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Factories/PropertyGroupFactory.cs
	src/Umbraco.Core/Persistence/Repositories/ContentTypeBaseRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IUserRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberTypeRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
	src/Umbraco.Tests/App.config
	src/Umbraco.Tests/Persistence/Repositories/MemberTypeRepositoryTest.cs
	src/Umbraco.Tests/UmbracoExamine/ExamineBaseTest.cs
	src/Umbraco.Tests/packages.config
	src/Umbraco.Web.UI/packages.config
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/app.config
	src/Umbraco.Web/umbraco.presentation/umbraco/developer/Xslt/xsltInsertValueOf.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/dialogs/umbracoField.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/umbraco.MacroEngines/App.Config
	src/umbraco.providers/members/UmbracoMembershipProvider.cs
 2014-02-21 16:32:53 +11:00
Shannon
c677f36f08 Changes some of the naming conventions for the underlying membership provider services bits. 2014-02-21 16:03:32 +11:00
Shannon
8da2c22a4e removes special default password check, this is no longer necessary. 2014-02-20 14:38:56 +11:00
Shannon
8154382fb1 Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/umbraco.providers/members/UmbracoMembershipProvider.cs
 2014-02-17 13:17:19 +11:00
Shannon
10ef5eb7bc adds new interface for members' membership providers to implement so we know what aliases to store data against. 2014-02-17 13:16:28 +11:00
Shannon
c4acbf0dbc Merge remote-tracking branch 'origin/6.2.0' into 7.1.0 
Conflicts:
	src/Umbraco.Core/Configuration/ClientDependencyConfiguration.cs
	src/Umbraco.Core/Constants-Conventions.cs
	src/Umbraco.Core/Models/Member.cs
	src/Umbraco.Core/Models/Membership/IUser.cs
	src/Umbraco.Core/Models/Template.cs
	src/Umbraco.Core/Persistence/Factories/MemberReadOnlyFactory.cs
	src/Umbraco.Core/Persistence/Repositories/ContentRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IMemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/Interfaces/IUserRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberGroupRepository.cs
	src/Umbraco.Core/Persistence/Repositories/MemberRepository.cs
	src/Umbraco.Core/Persistence/Repositories/PermissionRepository.cs
	src/Umbraco.Core/Persistence/RepositoryFactory.cs
	src/Umbraco.Core/Services/ContentService.cs
	src/Umbraco.Core/Services/IMemberTypeService.cs
	src/Umbraco.Core/Services/IMembershipUserService.cs
	src/Umbraco.Core/Services/IUserService.cs
	src/Umbraco.Core/Services/MemberService.cs
	src/Umbraco.Core/Services/MemberTypeService.cs
	src/Umbraco.Core/Services/ServiceContext.cs
	src/Umbraco.Core/Services/UserService.cs
	src/Umbraco.Core/Umbraco.Core.csproj
	src/Umbraco.Tests/MockTests.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/ContentTypeRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/MemberRepositoryTest.cs
	src/Umbraco.Tests/Persistence/Repositories/UserRepositoryTest.cs
	src/Umbraco.Web.UI/Umbraco.Web.UI.csproj
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViewMacros/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Breadcrumb.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/EditProfile.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListAncestorsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByDate.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesOrderedByName.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListChildPagesWithDoctype.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/ListDescendantsFromCurrentPage.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Login.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/LoginStatus.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/MultinodeTree-picker.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/Navigation.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/RegisterMember.cshtml
	src/Umbraco.Web.UI/Umbraco/PartialViews/Templates/SiteMap.cshtml
	src/Umbraco.Web.UI/Umbraco/create/PartialView.ascx.cs
	src/Umbraco.Web.UI/config/umbracoSettings.config
	src/Umbraco.Web/Cache/CacheRefresherEventHandler.cs
	src/Umbraco.Web/Controllers/UmbLoginController.cs
	src/Umbraco.Web/Controllers/UmbLoginStatusController.cs
	src/Umbraco.Web/Controllers/UmbProfileController.cs
	src/Umbraco.Web/Controllers/UmbRegisterController.cs
	src/Umbraco.Web/Models/LoginModel.cs
	src/Umbraco.Web/Models/LoginStatusModel.cs
	src/Umbraco.Web/Models/ProfileModel.cs
	src/Umbraco.Web/Models/RegisterModel.cs
	src/Umbraco.Web/Models/UmbracoProperty.cs
	src/Umbraco.Web/Mvc/UmbracoViewPageOfTModel.cs
	src/Umbraco.Web/PublishedCache/XmlPublishedCache/PublishedMediaCache.cs
	src/Umbraco.Web/Security/WebSecurity.cs
	src/Umbraco.Web/Umbraco.Web.csproj
	src/Umbraco.Web/UmbracoModule.cs
	src/Umbraco.Web/WebApi/UmbracoApiController.cs
	src/Umbraco.Web/umbraco.presentation/library.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/controls/ContentTypeControlNew.ascx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewMacrosTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/create/PartialViewTasks.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/editContent.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/login.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/members/EditMember.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbraco/users/EditUser.aspx.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/baseLibrary.cs
	src/Umbraco.Web/umbraco.presentation/umbracobase/restExtension.cs
	src/umbraco.businesslogic/User.cs
	src/umbraco.providers/UsersMembershipProvider.cs
	src/umbraco.providers/members/UmbracoMembershipProvider.cs
 2014-02-13 16:22:51 +11:00
perploug
9687b2abee Special rule for installer password change 2014-01-31 13:03:46 +01:00