Commit Graph

11 Commits

Author SHA1 Message Date
Shannon 555b520a0c Cleans up the usages of auth cookies. OWIN is in charge of auth cookies but because we have Webforms, WebApi, MVC and OWIN, they all like to deal with cookies differently. OWIN should still be solely in charge of the auth cookies, so the auth extensions are cleaned up, the renewal now works by queuing the renewal and we have custom middleware detect if a force renewal has been queued and we renew the auth cookie there. Have obsoleted a few methods that should not be used that write auth tickets directly (this is purely for backwards compat with webforms). All of these changes now ensure that the auth cookie is renewed consistently between Webforms, WebApi, MVC and OWIN. Some changes also include ensuring that OWIN is used to sign out. 2015-11-19 18:12:21 +01:00
Shannon 53a0c55b14 Implements SignInManager, implements lock out policy for user manager, allows for better implementation of 2 factor auth for developers. Updates to latest owin libs. 2015-07-01 17:07:29 +02:00
Shannon dbd9240142 adds a token constant auth type 2015-04-10 17:03:07 +10:00
Shannon f2e319a01f Updates the UmbracoBackOfficeIdentity to have better support for claims and adds unit tests for it. Creates OwinLogger's and methods to apply them. Updates security methods to ensure that a UmbracoBackOfficeIdentity is returned even from a normal ClaimsIdentity which will be the case with bearer tokens. Updates the angular anti-forgery checker to be ignore if the auth type is not cookie based. Adds a simple token server provider that people can use if they want. Now token authentication is working. 2015-04-10 14:22:09 +10:00
Shannon e468492064 Updates back office ext methods to include the CallbackPath which is key to make multi-tenanted work and ensures that the back office providers are linked with the umbraco back office external cookie provider. Adds some docs about it too. Updates the web.config templates to ensure the correct assembly redirects. 2015-04-01 13:42:29 +11:00
Shannon 86833aa8bf Updates the back office external cookie name to be consistently cased with the other back office cookie names 2015-04-01 13:42:11 +11:00
Shannon 52c4d80cfc more identity awesome 2015-04-01 13:41:33 +11:00
Shannon 5d4d209030 Gets external cookies working with a custom auth type (so we don't interfere with the 'default') 2015-04-01 13:41:31 +11:00
Shannon 8c51e8bad8 Implements IExternalLoginService and the db table, implements more logic to start enabling this to work in the back office, need to implement the rest of the userstore and then implement a way once logged in to the back office to allow users to link their accounts with external logins. Currently if an external login is detected during startup and it has not been linked we'll throw an exception. Very very close to making this all work nicely. 2015-04-01 13:41:26 +11:00
Shannon 927add6f44 Updates UmbracoBackOfficeIdentity to add claims and adds a new ctor so people can create an identity manually - this is really the key, by doing this we'd already be able to have 3rd party authentication happening. Ensures our custom secure data format persists the user data 2015-04-01 13:41:21 +11:00
Shannon c38030def2 Fixes: U4-3855 Preview cookie should be a session cookie not persisted 2014-01-16 20:47:13 +11:00