use EmailConfirmationToken (which is valid for 10 minutes)

sbwalker
2025-12-15 10:43:11 -05:00
parent a48dff4a85
commit 87fd9dd000
2 changed files with 3 additions and 9 deletions


@@ -973,10 +973,6 @@ namespace Oqtane.Managers
var alias = _tenantManager.GetAlias(); var alias = _tenantManager.GetAlias();
var user = GetUser(identityuser.UserName, alias.SiteId); var user = GetUser(identityuser.UserName, alias.SiteId);
user.TwoFactorCode = token;
user.TwoFactorExpiry = DateTime.UtcNow.AddMinutes(10);
_users.UpdateUser(user);
string url = alias.Protocol + alias.Name + "/pages/loginlink?name=" + user.Username + "&token=" + WebUtility.UrlEncode(token); string url = alias.Protocol + alias.Name + "/pages/loginlink?name=" + user.Username + "&token=" + WebUtility.UrlEncode(token);
string siteName = _sites.GetSite(alias.SiteId).Name; string siteName = _sites.GetSite(alias.SiteId).Name;
string subject = _localizer["LoginLinkEmailSubject"]; string subject = _localizer["LoginLinkEmailSubject"];
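Review bot: With the `TwoFactorCode`/`TwoFactorExpiry` write removed, the user record no longer holds the single currently valid link, so requesting a second link presumably no longer invalidates the first; each issued link stays usable until the token provider's lifetime runs out. The 10-minute lifetime named in the commit title and the call that produces `token` are both outside this hunk, so a comment above the `url` line would help, for example `// token is an Identity email-confirmation token; expiry and revocation come from the token provider, not from the user record`. Separately, `user.Username` is concatenated into the query string unencoded while the token is encoded; `WebUtility.UrlEncode(user.Username)` would keep names containing `&`, `+` or `#` from producing a broken or ambiguous link.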


@@ -18,14 +18,12 @@ namespace Oqtane.Pages
{ {
private readonly UserManager<IdentityUser> _identityUserManager; private readonly UserManager<IdentityUser> _identityUserManager;
private readonly SignInManager<IdentityUser> _identitySignInManager; private readonly SignInManager<IdentityUser> _identitySignInManager;
private readonly IUserManager _userManager;
private readonly ILogManager _logger; private readonly ILogManager _logger;
public LoginLinkModel(UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, IUserManager userManager, ILogManager logger) public LoginLinkModel(UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, ILogManager logger)
{ {
_identityUserManager = identityUserManager; _identityUserManager = identityUserManager;
_identitySignInManager = identitySignInManager; _identitySignInManager = identitySignInManager;
_userManager = userManager;
_logger = logger; _logger = logger;
} }
@@ -41,8 +39,8 @@ namespace Oqtane.Pages
IdentityUser identityuser = await _identityUserManager.FindByNameAsync(name); IdentityUser identityuser = await _identityUserManager.FindByNameAsync(name);
if (identityuser != null) if (identityuser != null)
{ {
var user = _userManager.GetUser(identityuser.UserName, HttpContext.GetAlias().SiteId); var result = await _identityUserManager.ConfirmEmailAsync(identityuser, token);
if (user != null && user.TwoFactorCode == token && DateTime.UtcNow < user.TwoFactorExpiry) if (result.Succeeded)
{ {
await _identitySignInManager.SignInAsync(identityuser, false); await _identitySignInManager.SignInAsync(identityuser, false);
_logger.Log(LogLevel.Information, this, LogFunction.Security, "Login Link Successful For User {Username}", name); _logger.Log(LogLevel.Information, this, LogFunction.Security, "Login Link Successful For User {Username}", name);
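Review bot: `ConfirmEmailAsync` in the new check validates the token under Identity's email-confirmation purpose, so any unexpired email-confirmation token issued for the account would also be accepted here as a sign-in, and using a login link marks the address as confirmed as a side effect. A purpose-specific token keeps the two flows apart while reusing the same provider and lifetime: `var valid = await _identityUserManager.VerifyUserTokenAsync(identityuser, _identityUserManager.Options.Tokens.EmailConfirmationTokenProvider, "LoginLink", token);`, with the matching `GenerateUserTokenAsync` call where the link is built (the purpose string is only an example). As far as I know neither variant rotates the security stamp, so the link can be replayed until it expires; calling `UpdateSecurityStampAsync` before `SignInAsync` would make it single-use, at the cost of invalidating the user's other sessions. The removed lookup also required `user != null` for the alias's site, and if that acted as a site-membership gate it is no longer applied. The `if` body continues outside the hunk.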