add user impersonation

2025-01-31 11:14:13 -05:00
parent 1fd2aedf96
commit de6c57a7ee
7 changed files with 138 additions and 4 deletions
--- a/Oqtane.Server/Pages/Login.cshtml.cs
+++ b/Oqtane.Server/Pages/Login.cshtml.cs
@ -4,8 +4,11 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Mvc.RazorPages;
+using Oqtane.Enums;
 using Oqtane.Extensions;
+using Oqtane.Infrastructure;
 using Oqtane.Managers;
+using Oqtane.Security;
 using Oqtane.Shared;

 namespace Oqtane.Pages
@ -16,12 +19,14 @@ namespace Oqtane.Pages
        private readonly UserManager<IdentityUser> _identityUserManager;
        private readonly SignInManager<IdentityUser> _identitySignInManager;
        private readonly IUserManager _userManager;
+        private readonly ILogManager _logger;

-        public LoginModel(UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, IUserManager userManager)
+        public LoginModel(UserManager<IdentityUser> identityUserManager, SignInManager<IdentityUser> identitySignInManager, IUserManager userManager, ILogManager logger)
        {
            _identityUserManager = identityUserManager;
            _identitySignInManager = identitySignInManager;
            _userManager = userManager;
+            _logger = logger;
        }

        public async Task<IActionResult> OnPostAsync(string username, string password, bool remember, string returnurl)
@ -37,7 +42,7 @@ namespace Oqtane.Pages
                    {
                        var alias = HttpContext.GetAlias();
                        var user = _userManager.GetUser(identityuser.UserName, alias.SiteId);
-                        if (user != null && !user.IsDeleted)
+                        if (user != null && !user.IsDeleted && UserSecurity.ContainsRole(user.Roles, RoleNames.Registered))
                        {
                            validuser = true;
                        }
@ -48,7 +53,16 @@ namespace Oqtane.Pages
                {
                    // note that .NET Identity uses a hardcoded ApplicationScheme of "Identity.Application" in SignInAsync
                    await _identitySignInManager.SignInAsync(identityuser, remember);
+                    _logger.Log(LogLevel.Information, this, LogFunction.Security, "Login Successful For User {Username}", username);
                }
+                else
+                {
+                    _logger.Log(LogLevel.Error, this, LogFunction.Security, "Login Failed For User {Username}", username);
+                }
+            }
+            else
+            {
+                _logger.Log(LogLevel.Error, this, LogFunction.Security, "Unauthorized Attempt To Login User {Username}", username);
            }

            if (returnurl == null)