fix #4638 - add Logout Everywhere option to User Profile
This commit is contained in:
sbwalker
@ -263,8 +263,24 @@ namespace Oqtane.Controllers
|
||||
[Authorize]
|
||||
public async Task Logout([FromBody] User user)
|
||||
{
|
||||
await HttpContext.SignOutAsync(Constants.AuthenticationScheme);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Security, "User Logout {Username}", (user != null) ? user.Username : "");
|
||||
if (_userPermissions.GetUser(User).UserId == user.UserId)
|
||||
{
|
||||
await HttpContext.SignOutAsync(Constants.AuthenticationScheme);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Security, "User Logout {Username}", (user != null) ? user.Username : "");
|
||||
}
|
||||
}
|
||||
|
||||
// POST api/<controller>/logout
|
||||
[HttpPost("logouteverywhere")]
|
||||
[Authorize]
|
||||
public async Task LogoutEverywhere([FromBody] User user)
|
||||
{
|
||||
if (_userPermissions.GetUser(User).UserId == user.UserId)
|
||||
{
|
||||
await _userManager.LogoutUserEverywhere(user);
|
||||
await HttpContext.SignOutAsync(Constants.AuthenticationScheme);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Security, "User Logout Everywhere {Username}", (user != null) ? user.Username : "");
|
||||
}
|
||||
}
|
||||
|
||||
// POST api/<controller>/verify
|
||||
|
||||
@ -645,7 +645,7 @@ namespace Oqtane.Extensions
|
||||
}
|
||||
}
|
||||
|
||||
_logger.Log(LogLevel.Information, "ExternalLogin", Enums.LogFunction.Security, "External User Login Successful For {Username} Using Provider {Provider}", user.Username, providerName);
|
||||
_logger.Log(LogLevel.Information, "ExternalLogin", Enums.LogFunction.Security, "External User Login Successful For {Username} From IP Address {IPAddress} Using Provider {Provider}", user.Username, httpContext.Connection.RemoteIpAddress, providerName);
|
||||
}
|
||||
}
|
||||
else // claims invalid
|
||||
|
||||
@ -165,17 +165,11 @@ namespace Oqtane.Infrastructure
|
||||
names.Add(message.Substring(index + 1, message.IndexOf("}", index) - index - 1));
|
||||
if (values.Length > (names.Count - 1))
|
||||
{
|
||||
if (values[names.Count - 1] == null)
|
||||
{
|
||||
message = message.Replace("{" + names[names.Count - 1] + "}", "null");
|
||||
}
|
||||
else
|
||||
{
|
||||
message = message.Replace("{" + names[names.Count - 1] + "}", values[names.Count - 1].ToString());
|
||||
}
|
||||
var value = (values[names.Count - 1] == null) ? "null" : values[names.Count - 1].ToString();
|
||||
message = message.Replace("{" + names[names.Count - 1] + "}", value);
|
||||
}
|
||||
}
|
||||
index = message.IndexOf("{", index + 1);
|
||||
index = (index < message.Length - 1) ? message.IndexOf("{", index + 1) : -1;
|
||||
}
|
||||
// rebuild properties into dictionary
|
||||
Dictionary<string, object> propertyDictionary = new Dictionary<string, object>();
|
||||
|
||||
@ -13,6 +13,7 @@ namespace Oqtane.Managers
|
||||
Task<User> UpdateUser(User user);
|
||||
Task DeleteUser(int userid, int siteid);
|
||||
Task<User> LoginUser(User user, bool setCookie, bool isPersistent);
|
||||
Task LogoutUserEverywhere(User user);
|
||||
Task<User> VerifyEmail(User user, string token);
|
||||
Task ForgotPassword(User user);
|
||||
Task<User> ResetPassword(User user, string token);
|
||||
|
||||
@ -265,7 +265,6 @@ namespace Oqtane.Managers
|
||||
user = _users.UpdateUser(user);
|
||||
_syncManager.AddSyncEvent(_tenantManager.GetAlias(), EntityNames.User, user.UserId, SyncEventActions.Update);
|
||||
_syncManager.AddSyncEvent(_tenantManager.GetAlias(), EntityNames.User, user.UserId, SyncEventActions.Reload);
|
||||
_cache.Remove($"user:{user.UserId}:{alias.SiteKey}");
|
||||
user.Password = ""; // remove sensitive information
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Update, "User Updated {User}", user);
|
||||
}
|
||||
@ -373,7 +372,7 @@ namespace Oqtane.Managers
|
||||
user.LastLoginOn = DateTime.UtcNow;
|
||||
user.LastIPAddress = LastIPAddress;
|
||||
_users.UpdateUser(user);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Security, "User Login Successful {Username}", user.Username);
|
||||
_logger.Log(LogLevel.Information, this, LogFunction.Security, "User Login Successful For {Username} From IP Address {IPAddress}", user.Username, LastIPAddress);
|
||||
|
||||
if (setCookie)
|
||||
{
|
||||
@ -420,6 +419,16 @@ namespace Oqtane.Managers
|
||||
|
||||
return user;
|
||||
}
|
||||
public async Task LogoutUserEverywhere(User user)
|
||||
{
|
||||
var identityuser = await _identityUserManager.FindByNameAsync(user.Username);
|
||||
if (identityuser != null)
|
||||
{
|
||||
await _identityUserManager.UpdateSecurityStampAsync(identityuser);
|
||||
_syncManager.AddSyncEvent(_tenantManager.GetAlias(), EntityNames.User, user.UserId, SyncEventActions.Update);
|
||||
_syncManager.AddSyncEvent(_tenantManager.GetAlias(), EntityNames.User, user.UserId, SyncEventActions.Reload);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<User> VerifyEmail(User user, string token)
|
||||
{
|
||||
|
||||
@ -23,7 +23,7 @@ namespace Oqtane.Pages
|
||||
_syncManager = syncManager;
|
||||
}
|
||||
|
||||
public async Task<IActionResult> OnPostAsync(string returnurl)
|
||||
public async Task<IActionResult> OnPostAsync(string returnurl, string everywhere)
|
||||
{
|
||||
if (HttpContext.User != null)
|
||||
{
|
||||
@ -31,6 +31,10 @@ namespace Oqtane.Pages
|
||||
var user = _userManager.GetUser(HttpContext.User.Identity.Name, alias.SiteId);
|
||||
if (user != null)
|
||||
{
|
||||
if (everywhere == "true")
|
||||
{
|
||||
await _userManager.LogoutUserEverywhere(user);
|
||||
}
|
||||
_syncManager.AddSyncEvent(alias, EntityNames.User, user.UserId, SyncEventActions.Reload);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user