completed antiforgery implementation, improved external login claim mapping, principal construction, and user experience

2022-04-22 17:54:20 -04:00
parent 391713b84d
commit e4c648ee92
38 changed files with 645 additions and 525 deletions
--- a/Oqtane.Server/Controllers/UserController.cs
+++ b/Oqtane.Server/Controllers/UserController.cs
@ -316,7 +316,7 @@ namespace Oqtane.Controllers

        // POST api/<controller>/login
        [HttpPost("login")]
-        public async Task<User> Login([FromBody] User user, bool setCookie, bool isPersistent)
+        public async Task<User> Login([FromBody] User user)
        {
            User loginUser = new User { SiteId = user.SiteId, Username = user.Username, IsAuthenticated = false };

@ -357,10 +357,6 @@ namespace Oqtane.Controllers
                                    loginUser.LastIPAddress = HttpContext.Connection.RemoteIpAddress.ToString();
                                    _users.UpdateUser(loginUser);
                                    _logger.Log(LogLevel.Information, this, LogFunction.Security, "User Login Successful {Username}", user.Username);
-                                    if (setCookie)
-                                    {
-                                        await _identitySignInManager.SignInAsync(identityuser, isPersistent);
-                                    }
                                }
                                else
                                {