7e817a5808
resolve antiforgery issue
2024-01-31 07:33:52 -05:00
82d7b9cf05
initial changes to migrate to new Blazor approach in .NET 8
2024-01-30 16:03:50 -05:00
afc6368915
abstract padding logic - don't repeat
2023-12-18 09:58:30 -05:00
c5d4e237ad
fix #3556 - pad token secret to 32 characters to resolve IDX1-720, change id of "secret" input to reduce chance of form autocomplete causing issues
2023-12-18 09:51:18 -05:00
0d718a5ca2
ignore Blazor framework requests
2023-12-13 18:25:21 -05:00
dd73d6e19a
fix regression issue
2023-12-13 11:18:32 -05:00
6621983a9c
HTML encode notifications sent by non-admins to prevent HTML injection
2023-12-13 10:07:21 -05:00
af3b289331
exclude legacy Permissions properties from serialization/API payload
2023-03-09 15:51:16 -05:00
2b41909d47
#2618 - add backward compatibility for permissions optimizations
2023-03-02 15:34:42 -05:00
8605e3ca5a
Major refactoring replacing permission strings with permission collections. These changes will require extensive regression testing. These changes may include breaking changes which will need to be identified and resolved to provide backward compatibility.
2023-02-28 17:59:21 -05:00
e136972cd7
add support for API permissions at the UI layer - including ability to delegate user, role, profile management
2023-01-09 11:38:25 -05:00
66aa67581f
improve dynamic policy registration to handle possible race conditions
2023-01-05 09:43:59 -05:00
b09a3ccdae
enhance dynamic authorization policies to support default role specification
2022-12-02 07:34:06 -05:00
6182b96d16
Scope permissions by SiteId to support entity level authorization as well as improve caching and performance. Optimize GetTenant to use existing cache.
2022-11-07 18:16:32 -05:00
2aa6eb90e2
add support for dynamic authorization policies
2022-11-04 08:08:10 -04:00
d1f50f12af
Fix #2399 - page paths not being validated for deleted pages
2022-09-06 10:50:53 -04:00
f96129fa37
Blazor Hybrid / .NET MAUI support
2022-08-11 17:09:32 -04:00
eed27e101a
fix #2176 - update LastIPAddress correctly during login
2022-05-05 09:57:09 -04:00
d3c40a7e8b
fix #2172 - File Upload issue caused by JS Interop not passing AntiForgery token in POST methid
2022-05-04 17:14:45 -04:00
391713b84d
Fix #2144 - install issue, Fix #2146 - move file issue, require verification of external login account linkage
2022-04-20 16:00:58 -04:00
f6b3874668
create separate API methods for tokens (short-lived) and personal access tokens (long-lived), include global antiforgery filter to mitigate XSRF when using cookie auth (ignored when using Jwt)
2022-04-14 19:41:43 -04:00
1c8debd894
better seperation of concerns
2022-03-31 08:35:11 -04:00
3194c5b600
remote service support via Jwt
2022-03-30 08:07:03 -04:00
b7a1d2df75
jwt improvements
2022-03-29 08:15:13 -04:00
a97af42e4b
add Jwt authorization support for for API
2022-03-28 21:51:55 -04:00
b92a888583
factor out auth constants, remove TAlias is Alias is not an extensible type, improve SiteOptions cache clearing, improve principal validation, localization improvements
2022-03-26 17:30:06 -04:00
4b19059df1
OIDC improvements
2022-03-21 09:12:18 -04:00
9bbbff31f8
Added support for per site options and OpenID Connect
2022-03-13 22:55:52 -04:00
c635351a12
resolved UI error when closing Event Log and Visitor Management, made button class consistent in Recycle Bin, refactored RichTextEditor, made use of ConfigManager consistently throughout framework, added support for deleted Sites, removed reference to Runtime in Startup as it is now set per Site, added versioning to Html/Text, added Meta tag support to Page Management
2022-02-06 12:19:42 -05:00
aa5aca3a8e
back out auth policy header support as Blazor HttpClient is registered as Scoped and can not support variable headers
2021-06-11 07:54:02 -04:00
bc720555c4
refactoring, enhancements, and some fixes
2021-06-10 08:16:02 -04:00
357ef09dd1
new controller auth parameter should take precedence over legacy
2021-06-06 10:03:54 -04:00
912b775553
preserve backward compatibility of CreateAuthorizationPolicyUrl method
2021-06-02 12:20:31 -04:00
e0c2763c9f
refactoring in preparation for release
2021-05-28 07:53:49 -04:00
41ed069072
fix #1389 - exception in PrincipalValidator
2021-05-24 08:17:46 -04:00
3f48c1f8fe
fix #1367 - provides support for multiple entities in auth policy and makes parameter names more intuitive - backward compatible with entityid
2021-05-23 10:29:05 -04:00
09537ab0e4
auth improvements related to multi-tenancy
2021-05-19 08:46:02 -04:00
955e7a3856
Factored out Contants.*** Role into RoleNames.***
...
Renamed 'AllUsers' to 'Everyone'
2020-10-16 06:22:52 -05:00
34538dd945
install/upgrade refactoring to consolidate all use cases and implement IInstallable interface for modules, moved tenant creation to site management UI, fixed z-order issues in Blazor theme, enhanced JS Interop methods to support integrity and crossorigin
2020-04-30 13:58:04 -04:00
7606e7b488
Permission Optimalization
2020-04-26 16:19:20 +02:00
02fde9cec3
rolled back change creating an Infrastructure.Interfaces namespace, modified IModule interface to be strongly typed ( #343 )
...
* upgrade to .NET Core 3.2 Preview 3 and fixes for issues created by #314
* Components based on Bootstrap4 for Sections and TabStrip to increase productivity and promote uniformity in Module UIs
* rolled back change creating an Infrastructure.Interfaces namespace, modified IModule interface to be strongly typed
2020-04-05 14:39:08 -04:00
5af6f7a52d
Namespace Fix undo ( #340 )
2020-04-04 14:06:24 -04:00
71bd3a8d6a
Namespace fix ( #335 )
2020-04-03 17:18:33 -04:00
18a843e74f
extensibility enhancements for site templates
2020-03-19 12:07:33 -04:00
cf6643aef3
Client fixes
...
Client is partially done.
227 warnings left out of 1500
I like Rider
2020-03-15 15:19:35 +01:00
5b3feaf26f
Server naming fixes and cleanup
...
Server is now completely cleaned up and without warnings
2020-03-15 11:53:24 +01:00
425b4e1c67
Fix casing for constructor params
2020-03-05 20:03:54 +03:00
303bdf3be2
Remove this keyword
2020-03-05 19:22:13 +03:00
a46235ea1e
Fix naming conventions for private fields
2020-03-05 01:46:53 +03:00
05eaf12003
fix page management
2020-02-18 17:49:36 -05:00
