Cleaned up config for Security settings
This commit is contained in:
@@ -24,6 +24,9 @@ namespace Umbraco.Core.Configuration
|
||||
public IKeepAliveSettings KeepAliveSettings { get; } = new KeepAliveSettings();
|
||||
public IWebRoutingSettings WebRoutingSettings { get; } = new WebRoutingSettings();
|
||||
public IRequestHandlerSettings RequestHandlerSettings { get; } = new RequestHandlerSettings();
|
||||
public ISecuritySettings SecuritySettings { get; } = new SecuritySettings();
|
||||
public IUserPasswordConfiguration UserPasswordConfigurationSettings { get; } = new UserPasswordConfigurationSettings();
|
||||
public IMemberPasswordConfiguration MemberPasswordConfigurationSettings { get; } = new MemberPasswordConfigurationSettings();
|
||||
|
||||
public IUmbracoSettingsSection UmbracoSettings { get; }
|
||||
|
||||
@@ -36,10 +39,6 @@ namespace Umbraco.Core.Configuration
|
||||
configs.Add<IUmbracoSettingsSection>("umbracoConfiguration/settings");
|
||||
configs.Add<IHealthChecks>("umbracoConfiguration/HealthChecks");
|
||||
|
||||
// Password configuration is held within IUmbracoSettingsSection from umbracoConfiguration/settings but we'll add explicitly
|
||||
// so it can be independently retrieved in classes that need it.
|
||||
configs.AddPasswordConfigurations();
|
||||
|
||||
configs.Add(() => CoreDebug);
|
||||
configs.Add(() => MachineKeyConfig);
|
||||
configs.Add<IConnectionStrings>(() => new ConnectionStrings(ioHelper));
|
||||
@@ -58,6 +57,9 @@ namespace Umbraco.Core.Configuration
|
||||
configs.Add<IKeepAliveSettings>(() => KeepAliveSettings);
|
||||
configs.Add<IWebRoutingSettings>(() => WebRoutingSettings);
|
||||
configs.Add<IRequestHandlerSettings>(() => RequestHandlerSettings);
|
||||
configs.Add<ISecuritySettings>(() => SecuritySettings);
|
||||
configs.Add<IUserPasswordConfiguration>(() => UserPasswordConfigurationSettings);
|
||||
configs.Add<IMemberPasswordConfiguration>(() => MemberPasswordConfigurationSettings);
|
||||
|
||||
configs.AddCoreConfigs(ioHelper);
|
||||
return configs;
|
||||
|
||||
@@ -0,0 +1,16 @@
|
||||
using Umbraco.Core.Configuration;
|
||||
|
||||
namespace Umbraco.Configuration.Implementations
|
||||
{
|
||||
internal class MemberPasswordConfigurationSettings : ConfigurationManagerConfigBase, IMemberPasswordConfiguration
|
||||
{
|
||||
public int RequiredLength => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequiredLength;
|
||||
public bool RequireNonLetterOrDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit;
|
||||
public bool RequireDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireDigit;
|
||||
public bool RequireLowercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireLowercase;
|
||||
public bool RequireUppercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireUppercase;
|
||||
public bool UseLegacyEncoding=> UmbracoSettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding;
|
||||
public string HashAlgorithmType=> UmbracoSettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType;
|
||||
public int MaxFailedAccessAttemptsBeforeLockout => UmbracoSettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,14 @@
|
||||
using Umbraco.Core.Configuration.UmbracoSettings;
|
||||
|
||||
namespace Umbraco.Configuration.Implementations
|
||||
{
|
||||
internal class SecuritySettings : ConfigurationManagerConfigBase, ISecuritySettings
|
||||
{
|
||||
public bool KeepUserLoggedIn => UmbracoSettingsSection.Security.KeepUserLoggedIn;
|
||||
public bool HideDisabledUsersInBackoffice => UmbracoSettingsSection.Security.HideDisabledUsersInBackoffice;
|
||||
public bool AllowPasswordReset => UmbracoSettingsSection.Security.AllowPasswordReset;
|
||||
public string AuthCookieName => UmbracoSettingsSection.Security.AuthCookieName;
|
||||
public string AuthCookieDomain => UmbracoSettingsSection.Security.AuthCookieDomain;
|
||||
public bool UsernameIsEmail => UmbracoSettingsSection.Security.UsernameIsEmail;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,15 @@
|
||||
using Umbraco.Core.Configuration;
|
||||
namespace Umbraco.Configuration.Implementations
|
||||
{
|
||||
internal class UserPasswordConfigurationSettings : ConfigurationManagerConfigBase, IUserPasswordConfiguration
|
||||
{
|
||||
public int RequiredLength => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequiredLength;
|
||||
public bool RequireNonLetterOrDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit;
|
||||
public bool RequireDigit => UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireDigit;
|
||||
public bool RequireLowercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireLowercase;
|
||||
public bool RequireUppercase=> UmbracoSettingsSection.Security.UserPasswordConfiguration.RequireUppercase;
|
||||
public bool UseLegacyEncoding=> UmbracoSettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding;
|
||||
public string HashAlgorithmType=> UmbracoSettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType;
|
||||
public int MaxFailedAccessAttemptsBeforeLockout => UmbracoSettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout;
|
||||
}
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
internal class MemberPasswordConfigurationElement : PasswordConfigurationElement, IMemberPasswordConfigurationSection
|
||||
internal class MemberPasswordConfigurationElement : PasswordConfigurationElement, IMemberPasswordConfiguration
|
||||
{
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
internal class SecurityElement : UmbracoConfigurationElement, ISecuritySection
|
||||
internal class SecurityElement : UmbracoConfigurationElement, ISecuritySettings
|
||||
{
|
||||
[ConfigurationProperty("keepUserLoggedIn")]
|
||||
internal InnerTextConfigurationElement<bool> KeepUserLoggedIn => GetOptionalTextElement("keepUserLoggedIn", true);
|
||||
@@ -38,14 +38,14 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
[ConfigurationProperty("memberPasswordConfiguration")]
|
||||
public MemberPasswordConfigurationElement MemberPasswordConfiguration => (MemberPasswordConfigurationElement)this["memberPasswordConfiguration"];
|
||||
|
||||
bool ISecuritySection.KeepUserLoggedIn => KeepUserLoggedIn;
|
||||
bool ISecuritySettings.KeepUserLoggedIn => KeepUserLoggedIn;
|
||||
|
||||
bool ISecuritySection.HideDisabledUsersInBackoffice => HideDisabledUsersInBackoffice;
|
||||
bool ISecuritySettings.HideDisabledUsersInBackoffice => HideDisabledUsersInBackoffice;
|
||||
|
||||
/// <summary>
|
||||
/// Used to enable/disable the forgot password functionality on the back office login screen
|
||||
/// </summary>
|
||||
bool ISecuritySection.AllowPasswordReset => AllowPasswordReset;
|
||||
bool ISecuritySettings.AllowPasswordReset => AllowPasswordReset;
|
||||
|
||||
/// <summary>
|
||||
/// A boolean indicating that by default the email address will be the username
|
||||
@@ -54,14 +54,10 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
/// Even if this is true and the username is different from the email in the database, the username field will still be shown.
|
||||
/// When this is false, the username and email fields will be shown in the user section.
|
||||
/// </remarks>
|
||||
bool ISecuritySection.UsernameIsEmail => UsernameIsEmail;
|
||||
bool ISecuritySettings.UsernameIsEmail => UsernameIsEmail;
|
||||
|
||||
string ISecuritySection.AuthCookieName => AuthCookieName;
|
||||
string ISecuritySettings.AuthCookieName => AuthCookieName;
|
||||
|
||||
string ISecuritySection.AuthCookieDomain => AuthCookieDomain;
|
||||
|
||||
IUserPasswordConfigurationSection ISecuritySection.UserPasswordConfiguration => UserPasswordConfiguration;
|
||||
|
||||
IMemberPasswordConfigurationSection ISecuritySection.MemberPasswordConfiguration => MemberPasswordConfiguration;
|
||||
string ISecuritySettings.AuthCookieDomain => AuthCookieDomain;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -26,7 +26,5 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
internal KeepAliveElement KeepAlive => (KeepAliveElement)this["keepAlive"];
|
||||
|
||||
IContentSection IUmbracoSettingsSection.Content => Content;
|
||||
|
||||
ISecuritySection IUmbracoSettingsSection.Security => Security;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
internal class UserPasswordConfigurationElement : PasswordConfigurationElement, IUserPasswordConfigurationSection
|
||||
internal class UserPasswordConfigurationElement : PasswordConfigurationElement, IUserPasswordConfiguration
|
||||
{
|
||||
}
|
||||
}
|
||||
|
||||
@@ -28,6 +28,15 @@ namespace Umbraco.Core
|
||||
public static IUmbracoSettingsSection Settings(this Configs configs)
|
||||
=> configs.GetConfig<IUmbracoSettingsSection>();
|
||||
|
||||
public static ISecuritySettings Security(this Configs configs)
|
||||
=> configs.GetConfig<ISecuritySettings>();
|
||||
|
||||
|
||||
public static IUserPasswordConfiguration UserPasswordConfiguration(this Configs configs)
|
||||
=> configs.GetConfig<IUserPasswordConfiguration>();
|
||||
public static IMemberPasswordConfiguration MemberPasswordConfiguration(this Configs configs)
|
||||
=> configs.GetConfig<IMemberPasswordConfiguration>();
|
||||
|
||||
public static IRequestHandlerSettings RequestHandler(this Configs configs)
|
||||
=> configs.GetConfig<IRequestHandlerSettings>();
|
||||
|
||||
@@ -43,24 +52,6 @@ namespace Umbraco.Core
|
||||
public static ICoreDebug CoreDebug(this Configs configs)
|
||||
=> configs.GetConfig<ICoreDebug>();
|
||||
|
||||
public static IUserPasswordConfiguration UserPasswordConfiguration(this Configs configs)
|
||||
=> configs.GetConfig<IUserPasswordConfiguration>();
|
||||
|
||||
public static IMemberPasswordConfiguration MemberPasswordConfiguration(this Configs configs)
|
||||
=> configs.GetConfig<IMemberPasswordConfiguration>();
|
||||
|
||||
public static void AddPasswordConfigurations(this Configs configs)
|
||||
{
|
||||
configs.Add<IUserPasswordConfiguration>(() =>
|
||||
{
|
||||
return new UserPasswordConfiguration(configs.Settings().Security.UserPasswordConfiguration);
|
||||
});
|
||||
configs.Add<IMemberPasswordConfiguration>(() =>
|
||||
{
|
||||
return new MemberPasswordConfiguration(configs.Settings().Security.MemberPasswordConfiguration);
|
||||
});
|
||||
}
|
||||
|
||||
public static void AddCoreConfigs(this Configs configs, IIOHelper ioHelper)
|
||||
{
|
||||
var configDir = new DirectoryInfo(ioHelper.MapPath(Constants.SystemDirectories.Config));
|
||||
|
||||
@@ -7,9 +7,9 @@ namespace Umbraco.Core.Configuration
|
||||
/// </summary>
|
||||
public class MemberPasswordConfiguration : PasswordConfiguration, IMemberPasswordConfiguration
|
||||
{
|
||||
public MemberPasswordConfiguration(IMemberPasswordConfigurationSection configSection)
|
||||
: base(configSection)
|
||||
{
|
||||
public MemberPasswordConfiguration(IMemberPasswordConfiguration configSettings)
|
||||
: base(configSettings)
|
||||
{
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,21 +5,21 @@ namespace Umbraco.Core.Configuration
|
||||
{
|
||||
public abstract class PasswordConfiguration : IPasswordConfiguration
|
||||
{
|
||||
protected PasswordConfiguration(IPasswordConfigurationSection configSection)
|
||||
protected PasswordConfiguration(IPasswordConfiguration configSettings)
|
||||
{
|
||||
if (configSection == null)
|
||||
if (configSettings == null)
|
||||
{
|
||||
throw new ArgumentNullException(nameof(configSection));
|
||||
throw new ArgumentNullException(nameof(configSettings));
|
||||
}
|
||||
|
||||
RequiredLength = configSection.RequiredLength;
|
||||
RequireNonLetterOrDigit = configSection.RequireNonLetterOrDigit;
|
||||
RequireDigit = configSection.RequireDigit;
|
||||
RequireLowercase = configSection.RequireLowercase;
|
||||
RequireUppercase = configSection.RequireUppercase;
|
||||
UseLegacyEncoding = configSection.UseLegacyEncoding;
|
||||
HashAlgorithmType = configSection.HashAlgorithmType;
|
||||
MaxFailedAccessAttemptsBeforeLockout = configSection.MaxFailedAccessAttemptsBeforeLockout;
|
||||
RequiredLength = configSettings.RequiredLength;
|
||||
RequireNonLetterOrDigit = configSettings.RequireNonLetterOrDigit;
|
||||
RequireDigit = configSettings.RequireDigit;
|
||||
RequireLowercase = configSettings.RequireLowercase;
|
||||
RequireUppercase = configSettings.RequireUppercase;
|
||||
UseLegacyEncoding = configSettings.UseLegacyEncoding;
|
||||
HashAlgorithmType = configSettings.HashAlgorithmType;
|
||||
MaxFailedAccessAttemptsBeforeLockout = configSettings.MaxFailedAccessAttemptsBeforeLockout;
|
||||
}
|
||||
|
||||
public int RequiredLength { get; }
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
public interface IMemberPasswordConfigurationSection : IPasswordConfigurationSection
|
||||
{
|
||||
}
|
||||
}
|
||||
+2
-6
@@ -1,9 +1,9 @@
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
public interface ISecuritySection : IUmbracoConfigurationSection
|
||||
public interface ISecuritySettings : IUmbracoConfigurationSection
|
||||
{
|
||||
bool KeepUserLoggedIn { get; }
|
||||
|
||||
|
||||
bool HideDisabledUsersInBackoffice { get; }
|
||||
|
||||
/// <summary>
|
||||
@@ -23,9 +23,5 @@
|
||||
/// When this is false, the username and email fields will be shown in the user section.
|
||||
/// </remarks>
|
||||
bool UsernameIsEmail { get; }
|
||||
|
||||
IUserPasswordConfigurationSection UserPasswordConfiguration { get; }
|
||||
|
||||
IMemberPasswordConfigurationSection MemberPasswordConfiguration { get; }
|
||||
}
|
||||
}
|
||||
@@ -5,7 +5,5 @@ namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
public interface IUmbracoSettingsSection : IUmbracoConfigurationSection
|
||||
{
|
||||
IContentSection Content { get; }
|
||||
|
||||
ISecuritySection Security { get; }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +0,0 @@
|
||||
namespace Umbraco.Core.Configuration.UmbracoSettings
|
||||
{
|
||||
public interface IUserPasswordConfigurationSection : IPasswordConfigurationSection
|
||||
{
|
||||
}
|
||||
}
|
||||
@@ -7,9 +7,9 @@ namespace Umbraco.Core.Configuration
|
||||
/// </summary>
|
||||
public class UserPasswordConfiguration : PasswordConfiguration, IUserPasswordConfiguration
|
||||
{
|
||||
public UserPasswordConfiguration(IUserPasswordConfigurationSection configSection)
|
||||
: base(configSection)
|
||||
{
|
||||
public UserPasswordConfiguration(IUserPasswordConfiguration configSettings)
|
||||
: base(configSettings)
|
||||
{
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -15,7 +15,6 @@ namespace Umbraco.Core.Composing.CompositionExtensions
|
||||
// register others
|
||||
|
||||
composition.RegisterUnique(factory => factory.GetInstance<IUmbracoSettingsSection>().Content);
|
||||
composition.RegisterUnique(factory => factory.GetInstance<IUmbracoSettingsSection>().Security);
|
||||
|
||||
return composition;
|
||||
}
|
||||
|
||||
@@ -33,7 +33,7 @@ namespace Umbraco.Web.Models.ContentEditing
|
||||
if (UserGroups.Any() == false)
|
||||
yield return new ValidationResult("A user must be assigned to at least one group", new[] { nameof(UserGroups) });
|
||||
|
||||
if (Current.Configs.Settings().Security.UsernameIsEmail == false && Username.IsNullOrWhiteSpace())
|
||||
if (Current.Configs.Security().UsernameIsEmail == false && Username.IsNullOrWhiteSpace())
|
||||
yield return new ValidationResult("A username cannot be empty", new[] { nameof(Username) });
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,127 +9,127 @@ namespace Umbraco.Tests.Configurations.UmbracoSettings
|
||||
[Test]
|
||||
public void KeepUserLoggedIn()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.KeepUserLoggedIn == true);
|
||||
Assert.IsTrue(SecuritySettings.KeepUserLoggedIn == true);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void HideDisabledUsersInBackoffice()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.HideDisabledUsersInBackoffice == false);
|
||||
Assert.IsTrue(SecuritySettings.HideDisabledUsersInBackoffice == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AllowPasswordReset()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.AllowPasswordReset == true);
|
||||
Assert.IsTrue(SecuritySettings.AllowPasswordReset == true);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuthCookieDomain()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.AuthCookieDomain == null);
|
||||
Assert.IsTrue(SecuritySettings.AuthCookieDomain == null);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void AuthCookieName()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.AuthCookieName == "UMB_UCONTEXT");
|
||||
Assert.IsTrue(SecuritySettings.AuthCookieName == "UMB_UCONTEXT");
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_RequiredLength()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequiredLength == 12);
|
||||
Assert.IsTrue(UserPasswordConfiguration.RequiredLength == 12);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_RequireNonLetterOrDigit()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireNonLetterOrDigit == false);
|
||||
Assert.IsTrue(UserPasswordConfiguration.RequireNonLetterOrDigit == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_RequireDigit()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireDigit == false);
|
||||
Assert.IsTrue(UserPasswordConfiguration.RequireDigit == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_RequireLowercase()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireLowercase == false);
|
||||
Assert.IsTrue(UserPasswordConfiguration.RequireLowercase == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_RequireUppercase()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.RequireUppercase == false);
|
||||
Assert.IsTrue(UserPasswordConfiguration.RequireUppercase == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_UseLegacyEncoding()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.UseLegacyEncoding == false);
|
||||
Assert.IsTrue(UserPasswordConfiguration.UseLegacyEncoding == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_HashAlgorithmType()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
|
||||
Assert.IsTrue(UserPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void UserPasswordConfiguration_MaxFailedAccessAttemptsBeforeLockout()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
|
||||
Assert.IsTrue(UserPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_RequiredLength()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequiredLength == 12);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.RequiredLength == 12);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_RequireNonLetterOrDigit()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireNonLetterOrDigit == false);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.RequireNonLetterOrDigit == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_RequireDigit()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireDigit == false);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.RequireDigit == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_RequireLowercase()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireLowercase == false);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.RequireLowercase == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_RequireUppercase()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.RequireUppercase == false);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.RequireUppercase == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_UseLegacyEncoding()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.UseLegacyEncoding == false);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.UseLegacyEncoding == false);
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_HashAlgorithmType()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
|
||||
Assert.IsTrue(MemberPasswordConfiguration.HashAlgorithmType == "HMACSHA256");
|
||||
}
|
||||
|
||||
[Test]
|
||||
public void MemberPasswordConfiguration_MaxFailedAccessAttemptsBeforeLockout()
|
||||
{
|
||||
Assert.IsTrue(SettingsSection.Security.MemberPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
|
||||
Assert.IsTrue(MemberPasswordConfiguration.MaxFailedAccessAttemptsBeforeLockout == 5);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
using System.Diagnostics;
|
||||
using System.IO;
|
||||
using NUnit.Framework;
|
||||
using Umbraco.Core.Configuration;
|
||||
using Umbraco.Core.Configuration.UmbracoSettings;
|
||||
using Umbraco.Tests.TestHelpers;
|
||||
|
||||
@@ -38,5 +39,8 @@ namespace Umbraco.Tests.Configurations.UmbracoSettings
|
||||
protected ILoggingSettings LoggingSettings => Settings.Logging;
|
||||
protected IWebRoutingSettings WebRoutingSettings => Settings.WebRouting;
|
||||
protected IRequestHandlerSettings RequestHandlerSettings => Settings.RequestHandler;
|
||||
protected ISecuritySettings SecuritySettings => Settings.Security;
|
||||
protected IUserPasswordConfiguration UserPasswordConfiguration => Settings.Security.UserPasswordConfiguration;
|
||||
protected IMemberPasswordConfiguration MemberPasswordConfiguration => Settings.Security.MemberPasswordConfiguration;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -45,18 +45,8 @@ namespace Umbraco.Tests.TestHelpers
|
||||
var settings = new Mock<IUmbracoSettingsSection>();
|
||||
|
||||
var content = new Mock<IContentSection>();
|
||||
var security = new Mock<ISecuritySection>();
|
||||
var requestHandler = new Mock<IRequestHandlerSettings>();
|
||||
var logging = new Mock<ILoggingSettings>();
|
||||
var routing = new Mock<IWebRoutingSettings>();
|
||||
|
||||
var userPasswordConfig = new Mock<IUserPasswordConfigurationSection>();
|
||||
var memberPasswordConfig = new Mock<IMemberPasswordConfigurationSection>();
|
||||
security.Setup(x => x.UserPasswordConfiguration).Returns(userPasswordConfig.Object);
|
||||
security.Setup(x => x.MemberPasswordConfiguration).Returns(memberPasswordConfig.Object);
|
||||
|
||||
settings.Setup(x => x.Content).Returns(content.Object);
|
||||
settings.Setup(x => x.Security).Returns(security.Object);
|
||||
|
||||
//Now configure some defaults - the defaults in the config section classes do NOT pertain to the mocked data!!
|
||||
settings.Setup(x => x.Content.ImageAutoFillProperties).Returns(ContentImagingElement.GetDefaultImageAutoFillProperties());
|
||||
@@ -185,5 +175,26 @@ namespace Umbraco.Tests.TestHelpers
|
||||
|
||||
return mock.Object;
|
||||
}
|
||||
|
||||
public static ISecuritySettings GenerateMockSecuritySettings()
|
||||
{
|
||||
var security = new Mock<ISecuritySettings>();
|
||||
|
||||
return security.Object;
|
||||
}
|
||||
|
||||
public static IUserPasswordConfiguration GenerateMockUserPasswordConfiguration()
|
||||
{
|
||||
var mock = new Mock<IUserPasswordConfiguration>();
|
||||
|
||||
return mock.Object;
|
||||
}
|
||||
|
||||
public static IMemberPasswordConfiguration GenerateMockMemberPasswordConfiguration()
|
||||
{
|
||||
var mock = new Mock<IMemberPasswordConfiguration>();
|
||||
|
||||
return mock.Object;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -416,6 +416,9 @@ namespace Umbraco.Tests.Testing
|
||||
Composition.Configs.Add(SettingsForTests.GetDefaultHostingSettings);
|
||||
Composition.Configs.Add(SettingsForTests.GenerateMockRequestHandlerSettings);
|
||||
Composition.Configs.Add(SettingsForTests.GenerateMockWebRoutingSettings);
|
||||
Composition.Configs.Add(SettingsForTests.GenerateMockSecuritySettings);
|
||||
Composition.Configs.Add(SettingsForTests.GenerateMockUserPasswordConfiguration);
|
||||
Composition.Configs.Add(SettingsForTests.GenerateMockMemberPasswordConfiguration);
|
||||
|
||||
//Composition.Configs.Add<IUserPasswordConfiguration>(() => new DefaultUserPasswordConfig());
|
||||
}
|
||||
|
||||
@@ -88,7 +88,7 @@ namespace Umbraco.Tests.Web.Controllers
|
||||
Factory.GetInstance<IProfilingLogger>(),
|
||||
Factory.GetInstance<IRuntimeState>(),
|
||||
Factory.GetInstance<UmbracoMapper>(),
|
||||
Factory.GetInstance<IUmbracoSettingsSection>(),
|
||||
Factory.GetInstance<ISecuritySettings>(),
|
||||
Factory.GetInstance<IIOHelper>(),
|
||||
Factory.GetInstance<IPublishedUrlProvider>()
|
||||
);
|
||||
|
||||
@@ -92,7 +92,8 @@ namespace Umbraco.Tests.Web.Controllers
|
||||
Factory.GetInstance<IUmbracoSettingsSection>(),
|
||||
Factory.GetInstance<IIOHelper>(),
|
||||
Factory.GetInstance<IImageUrlGenerator>(),
|
||||
Factory.GetInstance<IPublishedUrlProvider>()
|
||||
Factory.GetInstance<IPublishedUrlProvider>(),
|
||||
Factory.GetInstance<ISecuritySettings>()
|
||||
|
||||
);
|
||||
return usersController;
|
||||
@@ -164,7 +165,8 @@ namespace Umbraco.Tests.Web.Controllers
|
||||
Factory.GetInstance<IUmbracoSettingsSection>(),
|
||||
Factory.GetInstance<IIOHelper>(),
|
||||
Factory.GetInstance<IImageUrlGenerator>(),
|
||||
Factory.GetInstance<IPublishedUrlProvider>()
|
||||
Factory.GetInstance<IPublishedUrlProvider>(),
|
||||
Factory.GetInstance<ISecuritySettings>()
|
||||
);
|
||||
return usersController;
|
||||
}
|
||||
@@ -206,7 +208,8 @@ namespace Umbraco.Tests.Web.Controllers
|
||||
Factory.GetInstance<IUmbracoSettingsSection>(),
|
||||
Factory.GetInstance<IIOHelper>(),
|
||||
Factory.GetInstance<IImageUrlGenerator>(),
|
||||
Factory.GetInstance<IPublishedUrlProvider>()
|
||||
Factory.GetInstance<IPublishedUrlProvider>(),
|
||||
Factory.GetInstance<ISecuritySettings>()
|
||||
);
|
||||
return usersController;
|
||||
}
|
||||
@@ -283,7 +286,8 @@ namespace Umbraco.Tests.Web.Controllers
|
||||
Factory.GetInstance<IUmbracoSettingsSection>(),
|
||||
Factory.GetInstance<IIOHelper>(),
|
||||
Factory.GetInstance<IImageUrlGenerator>(),
|
||||
Factory.GetInstance<IPublishedUrlProvider>()
|
||||
Factory.GetInstance<IPublishedUrlProvider>(),
|
||||
Factory.GetInstance<ISecuritySettings>()
|
||||
);
|
||||
return usersController;
|
||||
}
|
||||
|
||||
@@ -48,7 +48,7 @@
|
||||
redirectUrl = Url.Action("AuthorizeUpgrade", "BackOffice")
|
||||
});
|
||||
}
|
||||
@Html.BareMinimumServerVariablesScript(Url, externalLoginUrl, Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings)
|
||||
@Html.BareMinimumServerVariablesScript(Url, externalLoginUrl, Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings, Model.SecuritySettings)
|
||||
|
||||
<script type="text/javascript">
|
||||
document.angularReady = function (app) {
|
||||
|
||||
@@ -110,7 +110,7 @@
|
||||
on-login="hideLoginScreen()">
|
||||
</umb-login>
|
||||
|
||||
@Html.BareMinimumServerVariablesScript(Url, Url.Action("ExternalLogin", "BackOffice", new { area = ViewData.GetUmbracoPath() }), Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings)
|
||||
@Html.BareMinimumServerVariablesScript(Url, Url.Action("ExternalLogin", "BackOffice", new { area = ViewData.GetUmbracoPath() }), Model.Features, Model.GlobalSettings, Model.UmbracoVersion, Model.UmbracoSettingsSection, Model.IOHelper, Model.TreeCollection, Model.HttpContextAccessor, Model.HostingEnvironment, Model.RuntimeSettings, Model.SecuritySettings)
|
||||
|
||||
<script>
|
||||
|
||||
|
||||
@@ -45,7 +45,7 @@ namespace Umbraco.Web.Editors
|
||||
private BackOfficeSignInManager _signInManager;
|
||||
private readonly IUserPasswordConfiguration _passwordConfiguration;
|
||||
private readonly IRuntimeState _runtimeState;
|
||||
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
private readonly IIOHelper _ioHelper;
|
||||
|
||||
public AuthenticationController(
|
||||
@@ -58,14 +58,14 @@ namespace Umbraco.Web.Editors
|
||||
IProfilingLogger logger,
|
||||
IRuntimeState runtimeState,
|
||||
UmbracoMapper umbracoMapper,
|
||||
IUmbracoSettingsSection umbracoSettingsSection,
|
||||
ISecuritySettings securitySettings,
|
||||
IIOHelper ioHelper,
|
||||
IPublishedUrlProvider publishedUrlProvider)
|
||||
: base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, umbracoMapper, publishedUrlProvider)
|
||||
{
|
||||
_passwordConfiguration = passwordConfiguration ?? throw new ArgumentNullException(nameof(passwordConfiguration));
|
||||
_runtimeState = runtimeState ?? throw new ArgumentNullException(nameof(runtimeState));
|
||||
_umbracoSettingsSection = umbracoSettingsSection ?? throw new ArgumentNullException(nameof(umbracoSettingsSection));
|
||||
_securitySettings = securitySettings ?? throw new ArgumentNullException(nameof(securitySettings));
|
||||
_ioHelper = ioHelper ?? throw new ArgumentNullException(nameof(ioHelper));
|
||||
}
|
||||
|
||||
@@ -310,7 +310,7 @@ namespace Umbraco.Web.Editors
|
||||
{
|
||||
// If this feature is switched off in configuration the UI will be amended to not make the request to reset password available.
|
||||
// So this is just a server-side secondary check.
|
||||
if (_umbracoSettingsSection.Security.AllowPasswordReset == false)
|
||||
if (_securitySettings.AllowPasswordReset == false)
|
||||
{
|
||||
throw new HttpResponseException(HttpStatusCode.BadRequest);
|
||||
}
|
||||
|
||||
@@ -54,6 +54,7 @@ namespace Umbraco.Web.Editors
|
||||
private readonly IHostingEnvironment _hostingEnvironment;
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly IRuntimeSettings _runtimeSettings;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
|
||||
public BackOfficeController(
|
||||
IManifestParser manifestParser,
|
||||
@@ -71,7 +72,8 @@ namespace Umbraco.Web.Editors
|
||||
TreeCollection treeCollection,
|
||||
IHostingEnvironment hostingEnvironment,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IRuntimeSettings settings)
|
||||
IRuntimeSettings settings,
|
||||
ISecuritySettings securitySettings)
|
||||
: base(globalSettings, umbracoContextAccessor, services, appCaches, profilingLogger)
|
||||
|
||||
{
|
||||
@@ -86,6 +88,7 @@ namespace Umbraco.Web.Editors
|
||||
_hostingEnvironment = hostingEnvironment;
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
_runtimeSettings = settings;
|
||||
_securitySettings = securitySettings;
|
||||
}
|
||||
|
||||
protected BackOfficeSignInManager SignInManager => _signInManager ?? (_signInManager = OwinContext.GetBackOfficeSignInManager());
|
||||
@@ -101,8 +104,8 @@ namespace Umbraco.Web.Editors
|
||||
public async Task<ActionResult> Default()
|
||||
{
|
||||
return await RenderDefaultOrProcessExternalLoginAsync(
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection,_ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)),
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)));
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection,_ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)),
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/Default.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)));
|
||||
}
|
||||
|
||||
[HttpGet]
|
||||
@@ -185,7 +188,7 @@ namespace Umbraco.Web.Editors
|
||||
{
|
||||
return await RenderDefaultOrProcessExternalLoginAsync(
|
||||
//The default view to render when there is no external login info or errors
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/AuthorizeUpgrade.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings)),
|
||||
() => View(GlobalSettings.Path.EnsureEndsWith('/') + "Views/AuthorizeUpgrade.cshtml", new BackOfficeModel(_features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings)),
|
||||
//The ActionResult to perform if external login is successful
|
||||
() => Redirect("/"));
|
||||
}
|
||||
@@ -292,7 +295,7 @@ namespace Umbraco.Web.Editors
|
||||
[MinifyJavaScriptResult(Order = 1)]
|
||||
public JavaScriptResult ServerVariables()
|
||||
{
|
||||
var serverVars = new BackOfficeServerVariables(Url, _runtimeState, _features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings);
|
||||
var serverVars = new BackOfficeServerVariables(Url, _runtimeState, _features, GlobalSettings, _umbracoVersion, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings);
|
||||
|
||||
//cache the result if debugging is disabled
|
||||
var result = _hostingEnvironment.IsDebugMode
|
||||
|
||||
@@ -10,7 +10,10 @@ namespace Umbraco.Web.Editors
|
||||
|
||||
public class BackOfficeModel
|
||||
{
|
||||
public BackOfficeModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings)
|
||||
public BackOfficeModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion,
|
||||
IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection,
|
||||
IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment,
|
||||
IRuntimeSettings runtimeSettings, ISecuritySettings securitySettings)
|
||||
{
|
||||
Features = features;
|
||||
GlobalSettings = globalSettings;
|
||||
@@ -21,6 +24,7 @@ namespace Umbraco.Web.Editors
|
||||
HttpContextAccessor = httpContextAccessor;
|
||||
HostingEnvironment = hostingEnvironment;
|
||||
RuntimeSettings = runtimeSettings;
|
||||
SecuritySettings = securitySettings;
|
||||
}
|
||||
|
||||
public UmbracoFeatures Features { get; }
|
||||
@@ -32,5 +36,6 @@ namespace Umbraco.Web.Editors
|
||||
public IHttpContextAccessor HttpContextAccessor { get; }
|
||||
public IHostingEnvironment HostingEnvironment { get; }
|
||||
public IRuntimeSettings RuntimeSettings { get; set; }
|
||||
public ISecuritySettings SecuritySettings { get; set; }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -14,8 +14,8 @@ namespace Umbraco.Web.Editors
|
||||
private readonly UmbracoFeatures _features;
|
||||
public IEnumerable<ILanguage> Languages { get; }
|
||||
|
||||
public BackOfficePreviewModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IEnumerable<ILanguage> languages, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings)
|
||||
: base(features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, runtimeSettings)
|
||||
public BackOfficePreviewModel(UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IEnumerable<ILanguage> languages, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings runtimeSettings, ISecuritySettings securitySettings)
|
||||
: base(features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, runtimeSettings, securitySettings)
|
||||
{
|
||||
_features = features;
|
||||
Languages = languages;
|
||||
|
||||
@@ -39,6 +39,7 @@ namespace Umbraco.Web.Editors
|
||||
private readonly IHttpContextAccessor _httpContextAccessor;
|
||||
private readonly IHostingEnvironment _hostingEnvironment;
|
||||
private readonly IRuntimeSettings _settings;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
|
||||
internal BackOfficeServerVariables(
|
||||
UrlHelper urlHelper,
|
||||
@@ -51,7 +52,8 @@ namespace Umbraco.Web.Editors
|
||||
TreeCollection treeCollection,
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IHostingEnvironment hostingEnvironment,
|
||||
IRuntimeSettings settings)
|
||||
IRuntimeSettings settings,
|
||||
ISecuritySettings securitySettings)
|
||||
{
|
||||
_urlHelper = urlHelper;
|
||||
_runtimeState = runtimeState;
|
||||
@@ -64,6 +66,7 @@ namespace Umbraco.Web.Editors
|
||||
_httpContextAccessor = httpContextAccessor;
|
||||
_hostingEnvironment = hostingEnvironment;
|
||||
_settings = settings;
|
||||
_securitySettings = securitySettings;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -360,10 +363,10 @@ namespace Umbraco.Web.Editors
|
||||
"maxFileSize",
|
||||
GetMaxRequestLength()
|
||||
},
|
||||
{"keepUserLoggedIn", _umbracoSettingsSection.Security.KeepUserLoggedIn},
|
||||
{"usernameIsEmail", _umbracoSettingsSection.Security.UsernameIsEmail},
|
||||
{"keepUserLoggedIn", _securitySettings.KeepUserLoggedIn},
|
||||
{"usernameIsEmail", _securitySettings.UsernameIsEmail},
|
||||
{"cssPath", _ioHelper.ResolveUrl(globalSettings.UmbracoCssPath).TrimEnd('/')},
|
||||
{"allowPasswordReset", _umbracoSettingsSection.Security.AllowPasswordReset},
|
||||
{"allowPasswordReset", _securitySettings.AllowPasswordReset},
|
||||
{"loginBackgroundImage", _umbracoSettingsSection.Content.LoginBackgroundImage},
|
||||
{"showUserInvite", EmailSender.CanSendRequiredEmail(globalSettings)},
|
||||
{"canSendRequiredEmail", EmailSender.CanSendRequiredEmail(globalSettings)},
|
||||
|
||||
@@ -37,6 +37,7 @@ namespace Umbraco.Web.Editors
|
||||
private readonly IHostingEnvironment _hostingEnvironment;
|
||||
private readonly ICookieManager _cookieManager;
|
||||
private IRuntimeSettings _runtimeSettings;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
|
||||
public PreviewController(
|
||||
UmbracoFeatures features,
|
||||
@@ -51,7 +52,8 @@ namespace Umbraco.Web.Editors
|
||||
IHttpContextAccessor httpContextAccessor,
|
||||
IHostingEnvironment hostingEnvironment,
|
||||
ICookieManager cookieManager,
|
||||
IRuntimeSettings settings)
|
||||
IRuntimeSettings settings,
|
||||
ISecuritySettings securitySettings)
|
||||
{
|
||||
_features = features;
|
||||
_globalSettings = globalSettings;
|
||||
@@ -66,6 +68,7 @@ namespace Umbraco.Web.Editors
|
||||
_hostingEnvironment = hostingEnvironment;
|
||||
_cookieManager = cookieManager;
|
||||
_runtimeSettings = settings;
|
||||
_securitySettings = securitySettings;
|
||||
}
|
||||
|
||||
[UmbracoAuthorize(redirectToUmbracoLogin: true)]
|
||||
@@ -74,7 +77,7 @@ namespace Umbraco.Web.Editors
|
||||
{
|
||||
var availableLanguages = _localizationService.GetAllLanguages();
|
||||
|
||||
var model = new BackOfficePreviewModel(_features, _globalSettings, _umbracoVersion, availableLanguages, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings);
|
||||
var model = new BackOfficePreviewModel(_features, _globalSettings, _umbracoVersion, availableLanguages, _umbracoSettingsSection, _ioHelper, _treeCollection, _httpContextAccessor, _hostingEnvironment, _runtimeSettings, _securitySettings);
|
||||
|
||||
if (model.PreviewExtendedHeaderView.IsNullOrWhiteSpace() == false)
|
||||
{
|
||||
|
||||
@@ -50,6 +50,7 @@ namespace Umbraco.Web.Editors
|
||||
private readonly IIOHelper _ioHelper;
|
||||
private readonly ISqlContext _sqlContext;
|
||||
private readonly IImageUrlGenerator _imageUrlGenerator;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
|
||||
public UsersController(
|
||||
IGlobalSettings globalSettings,
|
||||
@@ -65,7 +66,8 @@ namespace Umbraco.Web.Editors
|
||||
IUmbracoSettingsSection umbracoSettingsSection,
|
||||
IIOHelper ioHelper,
|
||||
IImageUrlGenerator imageUrlGenerator,
|
||||
IPublishedUrlProvider publishedUrlProvider)
|
||||
IPublishedUrlProvider publishedUrlProvider,
|
||||
ISecuritySettings securitySettings)
|
||||
: base(globalSettings, umbracoContextAccessor, sqlContext, services, appCaches, logger, runtimeState, shortStringHelper, umbracoMapper, publishedUrlProvider)
|
||||
{
|
||||
_mediaFileSystem = mediaFileSystem;
|
||||
@@ -73,6 +75,7 @@ namespace Umbraco.Web.Editors
|
||||
_ioHelper = ioHelper;
|
||||
_sqlContext = sqlContext;
|
||||
_imageUrlGenerator = imageUrlGenerator;
|
||||
_securitySettings = securitySettings;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -230,7 +233,7 @@ namespace Umbraco.Web.Editors
|
||||
// so to do that here, we'll need to check if this current user is an admin and if not we should exclude all user who are
|
||||
// also admins
|
||||
|
||||
var hideDisabledUsers = _umbracoSettingsSection.Security.HideDisabledUsersInBackoffice;
|
||||
var hideDisabledUsers = _securitySettings.HideDisabledUsersInBackoffice;
|
||||
var excludeUserGroups = new string[0];
|
||||
var isAdmin = Security.CurrentUser.IsAdmin();
|
||||
if (isAdmin == false)
|
||||
@@ -288,7 +291,7 @@ namespace Umbraco.Web.Editors
|
||||
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
|
||||
}
|
||||
|
||||
if (_umbracoSettingsSection.Security.UsernameIsEmail)
|
||||
if (_securitySettings.UsernameIsEmail)
|
||||
{
|
||||
//ensure they are the same if we're using it
|
||||
userSave.Username = userSave.Email;
|
||||
@@ -380,7 +383,7 @@ namespace Umbraco.Web.Editors
|
||||
}
|
||||
|
||||
IUser user;
|
||||
if (_umbracoSettingsSection.Security.UsernameIsEmail)
|
||||
if (_securitySettings.UsernameIsEmail)
|
||||
{
|
||||
//ensure it's the same
|
||||
userSave.Username = userSave.Email;
|
||||
@@ -454,7 +457,7 @@ namespace Umbraco.Web.Editors
|
||||
if (user != null && (extraCheck == null || extraCheck(user)))
|
||||
{
|
||||
ModelState.AddModelError(
|
||||
_umbracoSettingsSection.Security.UsernameIsEmail ? "Email" : "Username",
|
||||
_securitySettings.UsernameIsEmail ? "Email" : "Username",
|
||||
"A user with the username already exists");
|
||||
throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ModelState));
|
||||
}
|
||||
@@ -574,7 +577,7 @@ namespace Umbraco.Web.Editors
|
||||
|
||||
// if the found user has their email for username, we want to keep this synced when changing the email.
|
||||
// we have already cross-checked above that the email isn't colliding with anything, so we can safely assign it here.
|
||||
if (_umbracoSettingsSection.Security.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
|
||||
if (_securitySettings.UsernameIsEmail && found.Username == found.Email && userSave.Username != userSave.Email)
|
||||
{
|
||||
userSave.Username = userSave.Email;
|
||||
}
|
||||
|
||||
@@ -40,9 +40,9 @@ namespace Umbraco.Web
|
||||
/// These are the bare minimal server variables that are required for the application to start without being authenticated,
|
||||
/// we will load the rest of the server vars after the user is authenticated.
|
||||
/// </remarks>
|
||||
public static IHtmlString BareMinimumServerVariablesScript(this HtmlHelper html, UrlHelper uri, string externalLoginsUrl, UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings settings)
|
||||
public static IHtmlString BareMinimumServerVariablesScript(this HtmlHelper html, UrlHelper uri, string externalLoginsUrl, UmbracoFeatures features, IGlobalSettings globalSettings, IUmbracoVersion umbracoVersion, IUmbracoSettingsSection umbracoSettingsSection, IIOHelper ioHelper, TreeCollection treeCollection, IHttpContextAccessor httpContextAccessor, IHostingEnvironment hostingEnvironment, IRuntimeSettings settings, ISecuritySettings securitySettings)
|
||||
{
|
||||
var serverVars = new BackOfficeServerVariables(uri, Current.RuntimeState, features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, settings);
|
||||
var serverVars = new BackOfficeServerVariables(uri, Current.RuntimeState, features, globalSettings, umbracoVersion, umbracoSettingsSection, ioHelper, treeCollection, httpContextAccessor, hostingEnvironment, settings, securitySettings);
|
||||
var minVars = serverVars.BareMinimumServerVariables();
|
||||
|
||||
var str = @"<script type=""text/javascript"">
|
||||
|
||||
@@ -32,18 +32,18 @@ namespace Umbraco.Web.Install.InstallSteps
|
||||
private static HttpClient _httpClient;
|
||||
private readonly IGlobalSettings _globalSettings;
|
||||
private readonly IUserPasswordConfiguration _passwordConfiguration;
|
||||
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
private readonly IConnectionStrings _connectionStrings;
|
||||
private readonly ICookieManager _cookieManager;
|
||||
|
||||
public NewInstallStep(IHttpContextAccessor httpContextAccessor, IUserService userService, DatabaseBuilder databaseBuilder, IGlobalSettings globalSettings, IUserPasswordConfiguration passwordConfiguration, IUmbracoSettingsSection umbracoSettingsSection, IConnectionStrings connectionStrings, ICookieManager cookieManager)
|
||||
public NewInstallStep(IHttpContextAccessor httpContextAccessor, IUserService userService, DatabaseBuilder databaseBuilder, IGlobalSettings globalSettings, IUserPasswordConfiguration passwordConfiguration, ISecuritySettings securitySettings, IConnectionStrings connectionStrings, ICookieManager cookieManager)
|
||||
{
|
||||
_httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor));
|
||||
_userService = userService ?? throw new ArgumentNullException(nameof(userService));
|
||||
_databaseBuilder = databaseBuilder ?? throw new ArgumentNullException(nameof(databaseBuilder));
|
||||
_globalSettings = globalSettings ?? throw new ArgumentNullException(nameof(globalSettings));
|
||||
_passwordConfiguration = passwordConfiguration ?? throw new ArgumentNullException(nameof(passwordConfiguration));
|
||||
_umbracoSettingsSection = umbracoSettingsSection ?? throw new ArgumentNullException(nameof(umbracoSettingsSection));
|
||||
_securitySettings = securitySettings ?? throw new ArgumentNullException(nameof(securitySettings));
|
||||
_connectionStrings = connectionStrings ?? throw new ArgumentNullException(nameof(connectionStrings));
|
||||
_cookieManager = cookieManager;
|
||||
}
|
||||
@@ -136,7 +136,7 @@ namespace Umbraco.Web.Install.InstallSteps
|
||||
|
||||
// In this one case when it's a brand new install and nothing has been configured, make sure the
|
||||
// back office cookie is cleared so there's no old cookies lying around causing problems
|
||||
_cookieManager.ExpireCookie(_umbracoSettingsSection.Security.AuthCookieName);
|
||||
_cookieManager.ExpireCookie(_securitySettings.AuthCookieName);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@@ -142,7 +142,7 @@ namespace Umbraco.Web.Security
|
||||
/// <param name="runtimeState"></param>
|
||||
/// <param name="userService"></param>
|
||||
/// <param name="globalSettings"></param>
|
||||
/// <param name="securitySection"></param>
|
||||
/// <param name="securitySettings"></param>
|
||||
/// <returns></returns>
|
||||
/// <remarks>
|
||||
/// By default this will be configured to execute on PipelineStage.Authenticate
|
||||
@@ -152,12 +152,12 @@ namespace Umbraco.Web.Security
|
||||
IRuntimeState runtimeState,
|
||||
IUserService userService,
|
||||
IGlobalSettings globalSettings,
|
||||
ISecuritySection securitySection,
|
||||
ISecuritySettings securitySettings,
|
||||
IIOHelper ioHelper,
|
||||
IRequestCache requestCache,
|
||||
IUmbracoSettingsSection umbracoSettingsSection)
|
||||
{
|
||||
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, userService, globalSettings, securitySection, ioHelper, requestCache, PipelineStage.Authenticate, umbracoSettingsSection);
|
||||
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, userService, globalSettings, securitySettings, ioHelper, requestCache, PipelineStage.Authenticate);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -168,7 +168,7 @@ namespace Umbraco.Web.Security
|
||||
/// <param name="runtimeState"></param>
|
||||
/// <param name="userService"></param>
|
||||
/// <param name="globalSettings"></param>
|
||||
/// <param name="securitySection"></param>
|
||||
/// <param name="securitySettings"></param>
|
||||
/// <param name="ioHelper"></param>
|
||||
/// <param name="stage">
|
||||
/// Configurable pipeline stage
|
||||
@@ -179,16 +179,15 @@ namespace Umbraco.Web.Security
|
||||
IRuntimeState runtimeState,
|
||||
IUserService userService,
|
||||
IGlobalSettings globalSettings,
|
||||
ISecuritySection securitySection,
|
||||
ISecuritySettings securitySettings,
|
||||
IIOHelper ioHelper,
|
||||
IRequestCache requestCache,
|
||||
PipelineStage stage,
|
||||
IUmbracoSettingsSection umbracoSettingsSection)
|
||||
PipelineStage stage)
|
||||
{
|
||||
//Create the default options and provider
|
||||
var authOptions = app.CreateUmbracoCookieAuthOptions(umbracoContextAccessor, globalSettings, runtimeState, securitySection, ioHelper, requestCache);
|
||||
var authOptions = app.CreateUmbracoCookieAuthOptions(umbracoContextAccessor, globalSettings, runtimeState, securitySettings, ioHelper, requestCache);
|
||||
|
||||
authOptions.Provider = new BackOfficeCookieAuthenticationProvider(userService, runtimeState, globalSettings, ioHelper, umbracoSettingsSection)
|
||||
authOptions.Provider = new BackOfficeCookieAuthenticationProvider(userService, runtimeState, globalSettings, ioHelper, securitySettings)
|
||||
{
|
||||
// Enables the application to validate the security stamp when the user
|
||||
// logs in. This is a security feature which is used when you
|
||||
@@ -201,7 +200,7 @@ namespace Umbraco.Web.Security
|
||||
|
||||
};
|
||||
|
||||
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySection, ioHelper, requestCache, authOptions, stage);
|
||||
return app.UseUmbracoBackOfficeCookieAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySettings, ioHelper, requestCache, authOptions, stage);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -211,7 +210,7 @@ namespace Umbraco.Web.Security
|
||||
/// <param name="umbracoContextAccessor"></param>
|
||||
/// <param name="runtimeState"></param>
|
||||
/// <param name="globalSettings"></param>
|
||||
/// <param name="securitySection"></param>
|
||||
/// <param name="securitySettings"></param>
|
||||
/// <param name="ioHelper"></param>
|
||||
/// <param name="cookieOptions">Custom auth cookie options can be specified to have more control over the cookie authentication logic</param>
|
||||
/// <param name="stage">
|
||||
@@ -219,7 +218,7 @@ namespace Umbraco.Web.Security
|
||||
/// </param>
|
||||
/// <returns></returns>
|
||||
public static IAppBuilder UseUmbracoBackOfficeCookieAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings,
|
||||
ISecuritySection securitySection, IIOHelper ioHelper, IRequestCache requestCache, CookieAuthenticationOptions cookieOptions, PipelineStage stage)
|
||||
ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, CookieAuthenticationOptions cookieOptions, PipelineStage stage)
|
||||
{
|
||||
if (app == null) throw new ArgumentNullException(nameof(app));
|
||||
if (runtimeState == null) throw new ArgumentNullException(nameof(runtimeState));
|
||||
@@ -235,7 +234,7 @@ namespace Umbraco.Web.Security
|
||||
if (runtimeState.Level != RuntimeLevel.Upgrade && runtimeState.Level != RuntimeLevel.Run) return app;
|
||||
|
||||
var cookieAuthOptions = app.CreateUmbracoCookieAuthOptions(
|
||||
umbracoContextAccessor, globalSettings, runtimeState, securitySection,
|
||||
umbracoContextAccessor, globalSettings, runtimeState, securitySettings,
|
||||
//This defines the explicit path read cookies from for this middleware
|
||||
ioHelper, requestCache, new[] {$"{globalSettings.Path}/backoffice/UmbracoApi/Authentication/GetRemainingTimeoutSeconds"});
|
||||
cookieAuthOptions.Provider = cookieOptions.Provider;
|
||||
@@ -244,7 +243,7 @@ namespace Umbraco.Web.Security
|
||||
app.Use<GetUserSecondsMiddleWare>(
|
||||
cookieAuthOptions,
|
||||
Current.Configs.Global(),
|
||||
Current.Configs.Settings().Security,
|
||||
Current.Configs.Security(),
|
||||
app.CreateLogger<GetUserSecondsMiddleWare>());
|
||||
|
||||
//This is required so that we can read the auth ticket format outside of this pipeline
|
||||
@@ -350,7 +349,7 @@ namespace Umbraco.Web.Security
|
||||
CookiePath = "/",
|
||||
CookieSecure = globalSettings.UseHttps ? CookieSecureOption.Always : CookieSecureOption.SameAsRequest,
|
||||
CookieHttpOnly = true,
|
||||
CookieDomain = Current.Configs.Settings().Security.AuthCookieDomain
|
||||
CookieDomain = Current.Configs.Security().AuthCookieDomain
|
||||
}, stage);
|
||||
|
||||
return app;
|
||||
@@ -373,7 +372,7 @@ namespace Umbraco.Web.Security
|
||||
/// <remarks>
|
||||
/// By default this will be configured to execute on PipelineStage.PostAuthenticate
|
||||
/// </remarks>
|
||||
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache)
|
||||
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache)
|
||||
{
|
||||
return app.UseUmbracoPreviewAuthentication(umbracoContextAccessor, runtimeState, globalSettings, securitySettings, ioHelper, requestCache, PipelineStage.PostAuthenticate);
|
||||
}
|
||||
@@ -393,7 +392,7 @@ namespace Umbraco.Web.Security
|
||||
/// This ensures that during a preview request that the back office use is also Authenticated and that the back office Identity
|
||||
/// is added as a secondary identity to the current IPrincipal so it can be used to Authorize the previewed document.
|
||||
/// </remarks>
|
||||
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache, PipelineStage stage)
|
||||
public static IAppBuilder UseUmbracoPreviewAuthentication(this IAppBuilder app, IUmbracoContextAccessor umbracoContextAccessor, IRuntimeState runtimeState, IGlobalSettings globalSettings, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, PipelineStage stage)
|
||||
{
|
||||
if (runtimeState.Level != RuntimeLevel.Run) return app;
|
||||
|
||||
@@ -428,7 +427,7 @@ namespace Umbraco.Web.Security
|
||||
/// <returns></returns>
|
||||
public static UmbracoBackOfficeCookieAuthOptions CreateUmbracoCookieAuthOptions(this IAppBuilder app,
|
||||
IUmbracoContextAccessor umbracoContextAccessor,
|
||||
IGlobalSettings globalSettings, IRuntimeState runtimeState, ISecuritySection securitySettings, IIOHelper ioHelper, IRequestCache requestCache, string[] explicitPaths = null)
|
||||
IGlobalSettings globalSettings, IRuntimeState runtimeState, ISecuritySettings securitySettings, IIOHelper ioHelper, IRequestCache requestCache, string[] explicitPaths = null)
|
||||
{
|
||||
//this is how aspnet wires up the default AuthenticationTicket protector so we'll use the same code
|
||||
var ticketDataFormat = new TicketDataFormat(
|
||||
|
||||
@@ -144,7 +144,7 @@ namespace Umbraco.Web.Security
|
||||
public static void UmbracoLogout(this HttpContextBase http)
|
||||
{
|
||||
if (http == null) throw new ArgumentNullException("http");
|
||||
Logout(http, Current.Configs.Settings().Security.AuthCookieName);
|
||||
Logout(http, Current.Configs.Security().AuthCookieName);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
@@ -202,7 +202,7 @@ namespace Umbraco.Web.Security
|
||||
public static AuthenticationTicket GetUmbracoAuthTicket(this HttpContextBase http)
|
||||
{
|
||||
if (http == null) throw new ArgumentNullException(nameof(http));
|
||||
return GetAuthTicket(http, Current.Configs.Settings().Security.AuthCookieName);
|
||||
return GetAuthTicket(http, Current.Configs.Security().AuthCookieName);
|
||||
}
|
||||
|
||||
internal static AuthenticationTicket GetUmbracoAuthTicket(this HttpContext http)
|
||||
@@ -214,7 +214,7 @@ namespace Umbraco.Web.Security
|
||||
public static AuthenticationTicket GetUmbracoAuthTicket(this IOwinContext ctx)
|
||||
{
|
||||
if (ctx == null) throw new ArgumentNullException(nameof(ctx));
|
||||
return GetAuthTicket(ctx, Current.Configs.Settings().Security.AuthCookieName);
|
||||
return GetAuthTicket(ctx, Current.Configs.Security().AuthCookieName);
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
|
||||
@@ -20,15 +20,15 @@ namespace Umbraco.Web.Security
|
||||
private readonly IRuntimeState _runtimeState;
|
||||
private readonly IGlobalSettings _globalSettings;
|
||||
private readonly IIOHelper _ioHelper;
|
||||
private readonly IUmbracoSettingsSection _umbracoSettingsSection;
|
||||
private readonly ISecuritySettings _securitySettings;
|
||||
|
||||
public BackOfficeCookieAuthenticationProvider(IUserService userService, IRuntimeState runtimeState, IGlobalSettings globalSettings, IIOHelper ioHelper, IUmbracoSettingsSection umbracoSettingsSection)
|
||||
public BackOfficeCookieAuthenticationProvider(IUserService userService, IRuntimeState runtimeState, IGlobalSettings globalSettings, IIOHelper ioHelper, ISecuritySettings securitySettings)
|
||||
{
|
||||
_userService = userService;
|
||||
_runtimeState = runtimeState;
|
||||
_globalSettings = globalSettings;
|
||||
_ioHelper = ioHelper;
|
||||
_umbracoSettingsSection = umbracoSettingsSection;
|
||||
_securitySettings = securitySettings;
|
||||
}
|
||||
|
||||
public override void ResponseSignIn(CookieResponseSignInContext context)
|
||||
@@ -72,7 +72,7 @@ namespace Umbraco.Web.Security
|
||||
Expires = DateTime.Now.AddYears(-1),
|
||||
Path = "/"
|
||||
});
|
||||
context.Response.Cookies.Append(_umbracoSettingsSection.Security.AuthCookieName, "", new CookieOptions
|
||||
context.Response.Cookies.Append(_securitySettings.AuthCookieName, "", new CookieOptions
|
||||
{
|
||||
Expires = DateTime.Now.AddYears(-1),
|
||||
Path = "/"
|
||||
|
||||
@@ -24,14 +24,14 @@ namespace Umbraco.Web.Security
|
||||
{
|
||||
private readonly UmbracoBackOfficeCookieAuthOptions _authOptions;
|
||||
private readonly IGlobalSettings _globalSettings;
|
||||
private readonly ISecuritySection _security;
|
||||
private readonly ISecuritySettings _security;
|
||||
private readonly ILogger _logger;
|
||||
|
||||
public GetUserSecondsMiddleWare(
|
||||
OwinMiddleware next,
|
||||
UmbracoBackOfficeCookieAuthOptions authOptions,
|
||||
IGlobalSettings globalSettings,
|
||||
ISecuritySection security,
|
||||
ISecuritySettings security,
|
||||
ILogger logger)
|
||||
: base(next)
|
||||
{
|
||||
|
||||
@@ -20,7 +20,7 @@ namespace Umbraco.Web.Security
|
||||
public UmbracoBackOfficeCookieAuthOptions(
|
||||
string[] explicitPaths,
|
||||
IUmbracoContextAccessor umbracoContextAccessor,
|
||||
ISecuritySection securitySection,
|
||||
ISecuritySettings securitySettings,
|
||||
IGlobalSettings globalSettings,
|
||||
IRuntimeState runtimeState,
|
||||
ISecureDataFormat<AuthenticationTicket> secureDataFormat,
|
||||
@@ -33,8 +33,8 @@ namespace Umbraco.Web.Security
|
||||
|
||||
SlidingExpiration = true;
|
||||
ExpireTimeSpan = TimeSpan.FromMinutes(LoginTimeoutMinutes);
|
||||
CookieDomain = securitySection.AuthCookieDomain;
|
||||
CookieName = securitySection.AuthCookieName;
|
||||
CookieDomain = securitySettings.AuthCookieDomain;
|
||||
CookieName = securitySettings.AuthCookieName;
|
||||
CookieHttpOnly = true;
|
||||
CookieSecure = globalSettings.UseHttps ? CookieSecureOption.Always : CookieSecureOption.SameAsRequest;
|
||||
CookiePath = "/";
|
||||
|
||||
@@ -29,6 +29,7 @@ namespace Umbraco.Web
|
||||
protected IUmbracoContextAccessor UmbracoContextAccessor => Current.UmbracoContextAccessor;
|
||||
protected IGlobalSettings GlobalSettings => Current.Configs.Global();
|
||||
protected IUmbracoSettingsSection UmbracoSettings => Current.Configs.Settings();
|
||||
protected ISecuritySettings SecuritySettings => Current.Configs.Security();
|
||||
protected IUserPasswordConfiguration UserPasswordConfig => Current.Configs.UserPasswordConfiguration();
|
||||
protected IRuntimeState RuntimeState => Current.RuntimeState;
|
||||
protected ServiceContext Services => Current.Services;
|
||||
@@ -104,9 +105,9 @@ namespace Umbraco.Web
|
||||
// Ensure owin is configured for Umbraco back office authentication.
|
||||
// Front-end OWIN cookie configuration must be declared after this code.
|
||||
app
|
||||
.UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, UmbracoSettings.Security, IOHelper, RequestCache, PipelineStage.Authenticate, UmbracoSettings)
|
||||
.UseUmbracoBackOfficeCookieAuthentication(UmbracoContextAccessor, RuntimeState, Services.UserService, GlobalSettings, SecuritySettings, IOHelper, RequestCache, PipelineStage.Authenticate)
|
||||
.UseUmbracoBackOfficeExternalCookieAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, IOHelper, RequestCache, PipelineStage.Authenticate)
|
||||
.UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, UmbracoSettings.Security, IOHelper, RequestCache, PipelineStage.Authorize);
|
||||
.UseUmbracoPreviewAuthentication(UmbracoContextAccessor, RuntimeState, GlobalSettings, SecuritySettings, IOHelper, RequestCache, PipelineStage.Authorize);
|
||||
}
|
||||
|
||||
public static event EventHandler<OwinMiddlewareConfiguredEventArgs> MiddlewareConfigured;
|
||||
|
||||
Reference in New Issue
Block a user