public async Task <string> Upload(FileUploadViewModel image)
{
var settings = await _globalConfigurationAppService.GetPrivateSettings();
var provider = GetProvider(settings.Storage.Provider, settings);
return(await provider.Upload(image));
}
public async Task Should_Not_Truncate_Sensitive_Data_When_User_Is_Admin()
{
var anotherSetting = GlobalSettingsFaker.GenerateSetting(key: "Smtp:Password", sensitive: true).Generate();
_database.GlobalConfigurationSettings.Add(anotherSetting);
await _database.SaveChangesAsync();
var data = await _globalAppService.GetPrivateSettings();
data.Smtp.Password.Should().NotContain("Sensitive Data");
}
public async Task <IActionResult> Login(LoginInputModel model, string button)
{
// the user clicked the "cancel" button
var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);
if (button != "login")
{
if (context != null)
{
// if the user cancels, send a result back into IdentityServer as if they
// denied the consent (even if this client does not require consent).
// this will send back an access denied OIDC error response to the client.
await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);
// we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
return(Redirect(model.ReturnUrl));
}
else
{
// since we don't have a valid context, then we just go back to the home page
return(Redirect("~/"));
}
}
if (!ModelState.IsValid)
{
// something went wrong, show form with error
var vm = await BuildLoginViewModelAsync(model);
return(View(vm));
}
var privateSettings = await _globalConfigurationAppService.GetPrivateSettings();
if (privateSettings.LoginStrategy == LoginStrategyType.Ldap)
{
return(await LoginByLdap(model, context));
}
return(await LoginByAspNetIdentity(model, context));
}
public async Task <bool> IsCaptchaEnabled()
{
var settings = await _globalConfigurationAppService.GetPrivateSettings();
return(settings.UseRecaptcha);
}