ensure Logins are site specific

2025-10-29 20:04:35 -04:00
parent 670f3854fa
commit d5ad29be34
4 changed files with 30 additions and 12 deletions
--- a/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
+++ b/Oqtane.Client/Modules/Admin/UserProfile/Index.razor
@ -121,7 +121,7 @@
                    }
                    else
                    {
-                        <ModuleMessage Type="MessageType.Warning" Message="@Localizer["Message.Passkey.Insecure"]" />
+                        <ModuleMessage Type="MessageType.Warning" Message="@Localizer["Message.Passkeys.Insecure"]" />
                    }
                    @if (_passkeys != null && _passkeys.Count > 0)
                    {
@ -147,6 +147,10 @@
                            </Row>
                        </Pager>
                    }
+                    else
+                    {
+                        <div>@Localizer["Message.Passkeys.None"]</div>
+                    }
                </Section>
                <br />
            }
@ -166,6 +170,10 @@
                            </Row>
                        </Pager>
                    }
+                    else
+                    {
+                        <div>@Localizer["Message.Logins.None"]</div>
+                    }
                </Section>
                <br />
            }
@ -370,7 +378,7 @@
                else
                {
                    <div class="no-notifications-text">
-                        @Localizer["NoNotificationsReceived.Text"]
+                        @Localizer["NoNotificationsReceived"]
                    </div>
                }
            }
@ -434,7 +442,7 @@
                else
                {
                    <div class="no-notifications-text">
-                        @Localizer["NoNotificationsSent.Text"]
+                        @Localizer["NoNotificationsSent"]
                    </div>
                }
            }
--- a/Oqtane.Client/Resources/Modules/Admin/UserProfile/Index.resx
+++ b/Oqtane.Client/Resources/Modules/Admin/UserProfile/Index.resx
@ -231,11 +231,11 @@
  <data name="DeleteNotification.Text" xml:space="preserve">
    <value>Delete</value>
  </data>
-  <data name="NoNotificationsReceived.Text" xml:space="preserve">
-    <value>No notifications have been received</value>
+  <data name="NoNotificationsReceived" xml:space="preserve">
+    <value>You Have Not Received Any Notifications</value>
  </data>
-  <data name="NoNotificationsSent.Text" xml:space="preserve">
-    <value>No notifications have been sent</value>
+  <data name="NoNotificationsSent" xml:space="preserve">
+    <value>You Have Not Sent Any Notifications</value>
  </data>
  <data name="Logout Everywhere" xml:space="preserve">
    <value>Logout Everywhere</value>
@ -279,7 +279,13 @@
  <data name="Confirm.Login.Delete" xml:space="preserve">
    <value>Are You Sure You Wish To Delete {0}?</value>
  </data>
-  <data name="Message.Passkey.Insecure" xml:space="preserve">
+  <data name="Message.Passkeys.Insecure" xml:space="preserve">
    <value>Passkeys Can Only Be Created Using a Secure Browser Connection</value>
  </data>
+  <data name="Message.Passkeys.None" xml:space="preserve">
+    <value>You Have Not Created Any Passkeys</value>
+  </data>
+  <data name="Message.Logins.None" xml:space="preserve">
+    <value>You Do Not Have Any External Logins For This Site</value>
+  </data>
 </root>
--- a/Oqtane.Server/Controllers/UserController.cs
+++ b/Oqtane.Server/Controllers/UserController.cs
@ -504,7 +504,7 @@ namespace Oqtane.Controllers
        [Authorize]
        public async Task<IEnumerable<UserLogin>> GetLogins()
        {
-            return await _userManager.GetLogins(_userPermissions.GetUser(User).UserId);
+            return await _userManager.GetLogins(_userPermissions.GetUser(User).UserId, _tenantManager.GetAlias().SiteId);
        }

        // DELETE api/<controller>/login?provider=x&key=y
--- a/Oqtane.Server/Managers/UserManager.cs
+++ b/Oqtane.Server/Managers/UserManager.cs
@ -4,6 +4,7 @@ using System.Globalization;
 using System.IO;
 using System.Linq;
 using System.Net;
+using System.Security.Policy;
 using System.Threading.Tasks;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
@ -39,7 +40,7 @@ namespace Oqtane.Managers
        Task<List<UserPasskey>> GetPasskeys(int userId);
        Task UpdatePasskey(UserPasskey passkey);
        Task DeletePasskey(int userId, byte[] credentialId);
-        Task<List<UserLogin>> GetLogins(int userId);
+        Task<List<UserLogin>> GetLogins(int userId, int siteId);
        Task DeleteLogin(int userId, string provider, string key);
    }

@ -875,7 +876,7 @@ namespace Oqtane.Managers
            }
        }

-        public async Task<List<UserLogin>> GetLogins(int userId)
+        public async Task<List<UserLogin>> GetLogins(int userId, int siteId)
        {
            var logins = new List<UserLogin>();
            var user = _users.GetUser(userId);
@ -887,7 +888,10 @@ namespace Oqtane.Managers
                    var userlogins = await _identityUserManager.GetLoginsAsync(identityuser);
                    foreach (var userlogin in userlogins)
                    {
-                        logins.Add(new UserLogin { Provider = userlogin.LoginProvider, Key = userlogin.ProviderKey, Name = userlogin.ProviderDisplayName });
+                        if (userlogin.LoginProvider.EndsWith(":" + siteId.ToString()))
+                        {
+                            logins.Add(new UserLogin { Provider = userlogin.LoginProvider, Key = userlogin.ProviderKey, Name = userlogin.ProviderDisplayName });
+                        }
                    }
                }
            }