/// <summary>
/// Re-issues the back-office sign-in for <paramref name="user"/> so that the principal on the current
/// request and the auth ticket are rebuilt from the user's current data.
/// </summary>
/// <param name="user">The user whose ticket is re-created.</param>
/// <param name="actionContext">Context of the executing action; not read by this method.</param>
private async Task ReSync(IUser user, ActionExecutingContext actionContext)
{
    // NOTE(review): the refreshed ticket is always issued with isPersistent: true, regardless of how the
    // user originally signed in - confirm that a persistent cookie is intended on every re-sync.
    var identity = _umbracoMapper.Map<BackOfficeIdentityUser>(user);
    await _backOfficeSignInManager.SignInAsync(identity, isPersistent: true);

    // Record in the request cache, keyed by the filter's name, that the ticket was rebuilt.
    _requestCache.Set(nameof(CheckIfUserTicketDataIsStaleFilter), true);
}
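/// <summary>
/// Restarts the runtime, then signs the super user in with a non-persistent session.
/// </summary>
/// <returns>An empty 204 (No Content) result once the sign-in has completed.</returns>
public async Task<ActionResult> CompleteInstall()
{
    await _runtime.RestartAsync();

    // NOTE(review): this signs in the super user without any credential check inside this method -
    // confirm that access to the action is restricted to the install flow by the surrounding controller.
    var identityUser = await _backOfficeUserManager.FindByIdAsync(Core.Constants.Security.SuperUserIdAsString);

    // The sign-in must be awaited: left unawaited, the response could be returned before the sign-in
    // has finished, and any exception thrown by the sign-in would go unobserved.
    await _backOfficeSignInManager.SignInAsync(identityUser, false);

    return NoContent();
}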
/// <summary>
/// Verifies a user invite: decodes the token, confirms the user's e-mail with it and, on success,
/// replaces the current session with a non-persistent sign-in for the invited user.
/// </summary>
/// <param name="id">Id of the invited user, taken from the query string.</param>
/// <param name="token">URL-safe base64 encoded confirmation token, taken from the query string.</param>
/// <returns>
/// Not Found when the token is blank, decodes to nothing, or no user matches <paramref name="id"/>;
/// a notification validation error when the e-mail confirmation fails; otherwise the user mapped to
/// <see cref="UserDisplay"/>.
/// </returns>
public async Task<ActionResult<UserDisplay>> PostVerifyInvite([FromQuery] int id, [FromQuery] string token)
{
    if (string.IsNullOrWhiteSpace(token))
    {
        return NotFound();
    }

    var confirmationToken = token.FromUrlBase64();
    if (confirmationToken.IsNullOrWhiteSpace())
    {
        return NotFound();
    }

    var invitedIdentity = await _userManager.FindByIdAsync(id.ToString());
    if (invitedIdentity == null)
    {
        return NotFound();
    }

    // NOTE(review): a successful ConfirmEmailAsync is the only gate before the sign-in below - confirm
    // that invite tokens expire and cannot be replayed once consumed.
    var confirmation = await _userManager.ConfirmEmailAsync(invitedIdentity, confirmationToken);
    if (!confirmation.Succeeded)
    {
        return ValidationErrorResult.CreateNotificationValidationErrorResult(confirmation.Errors.ToErrorMessage());
    }

    // Drop whatever session the request arrived with before signing the invited user in.
    await _signInManager.SignOutAsync();
    await _signInManager.SignInAsync(invitedIdentity, false);

    var invitedUser = _userService.GetUserById(id);
    return _umbracoMapper.Map<UserDisplay>(invitedUser);
}
/// <summary>
/// Handles an invite link: signs out any existing back-office session, validates the invite, confirms
/// the user's e-mail with the embedded token and signs the invited user in.
/// </summary>
/// <param name="invite">
/// URL-encoded value made of two parts separated by '|': the user id, then a URL-safe base64 encoded token.
/// </param>
/// <returns>
/// A redirect to the default action when the invite is missing or malformed or the user does not exist;
/// a redirect to "#/login/false?invite=3" when the e-mail confirmation fails; otherwise a redirect to
/// "#/login/false?invite=1".
/// </returns>
public async Task<IActionResult> VerifyInvite(string invite)
{
    // A user who is already signed in as someone else and follows an invalid invite would otherwise be
    // redirected to the default admin view, still logged in and with no explanation - so end that
    // session before doing anything else.
    var existingSession = await this.AuthenticateBackOfficeAsync();
    if (existingSession.Succeeded)
    {
        await _signInManager.SignOutAsync();
    }

    if (invite == null)
    {
        _logger.LogWarning("VerifyUser endpoint reached with invalid token: NULL");
        return RedirectToAction(nameof(Default));
    }

    // NOTE(review): the warning logs below record the raw invite value, which contains the token -
    // confirm that log access is restricted accordingly.
    var segments = System.Net.WebUtility.UrlDecode(invite).Split('|');
    if (segments.Length != 2)
    {
        _logger.LogWarning("VerifyUser endpoint reached with invalid token: {Invite}", invite);
        return RedirectToAction(nameof(Default));
    }

    var userId = segments[0];
    var confirmationToken = segments[1].FromUrlBase64();
    if (confirmationToken.IsNullOrWhiteSpace())
    {
        _logger.LogWarning("VerifyUser endpoint reached with invalid token: {Invite}", invite);
        return RedirectToAction(nameof(Default));
    }

    var identityUser = await _userManager.FindByIdAsync(userId);
    if (identityUser == null)
    {
        _logger.LogWarning("VerifyUser endpoint reached with non existing user: {UserId}", userId);
        return RedirectToAction(nameof(Default));
    }

    var confirmation = await _userManager.ConfirmEmailAsync(identityUser, confirmationToken);
    if (!confirmation.Succeeded)
    {
        _logger.LogWarning("Could not verify email, Error: {Errors}, Token: {Invite}", confirmation.Errors.ToErrorMessage(), invite);
        return new RedirectResult(Url.Action(nameof(Default)) + "#/login/false?invite=3");
    }

    // Sign the user in, remembering the last-login date first so it can be restored afterwards.
    var lastLoginBeforeInvite = identityUser.LastLoginDateUtc;
    await _signInManager.SignInAsync(identityUser, false);

    // The user has not actually logged in, so put the previous last-login date back; adding a flag or
    // similar to BackOfficeSignInManager would be a breaking change. The result of UpdateAsync is not
    // inspected.
    identityUser.LastLoginDateUtc = lastLoginBeforeInvite;
    await _userManager.UpdateAsync(identityUser);

    return new RedirectResult(Url.Action(nameof(Default)) + "#/login/false?invite=1");
}