fix external login
parent
3351732a2f
commit
b0669a3b60
|
@ -20,6 +20,7 @@ using Microsoft.AspNetCore.Authentication.Cookies;
|
|||
using System.Net;
|
||||
using System.Text.Json.Nodes;
|
||||
using System.Globalization;
|
||||
using System.Collections.Generic;
|
||||
|
||||
namespace Oqtane.Extensions
|
||||
{
|
||||
|
@ -365,7 +366,6 @@ namespace Oqtane.Extensions
|
|||
{
|
||||
user = _users.GetUser(identityuser.UserName);
|
||||
user.SiteId = alias.SiteId;
|
||||
user.SecurityStamp = identityuser.SecurityStamp;
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -431,8 +431,6 @@ namespace Oqtane.Extensions
|
|||
var result = await _identityUserManager.CreateAsync(identityuser, password);
|
||||
if (result.Succeeded)
|
||||
{
|
||||
identityuser = await _identityUserManager.FindByNameAsync(username);
|
||||
|
||||
user = new User
|
||||
{
|
||||
SiteId = alias.SiteId,
|
||||
|
@ -440,8 +438,7 @@ namespace Oqtane.Extensions
|
|||
DisplayName = displayname,
|
||||
Email = emailaddress,
|
||||
LastLoginOn = null,
|
||||
LastIPAddress = "",
|
||||
SecurityStamp = identityuser.SecurityStamp
|
||||
LastIPAddress = ""
|
||||
};
|
||||
user = _users.AddUser(user);
|
||||
|
||||
|
@ -531,20 +528,17 @@ namespace Oqtane.Extensions
|
|||
// manage user
|
||||
if (user != null)
|
||||
{
|
||||
// create claims identity
|
||||
var _userRoles = httpContext.RequestServices.GetRequiredService<IUserRoleRepository>();
|
||||
var userRoles = _userRoles.GetUserRoles(user.UserId, user.SiteId).ToList();
|
||||
identity = UserSecurity.CreateClaimsIdentity(alias, user, userRoles);
|
||||
identity.Label = ExternalLoginStatus.Success;
|
||||
|
||||
// update user
|
||||
user.LastLoginOn = DateTime.UtcNow;
|
||||
user.LastIPAddress = httpContext.Connection.RemoteIpAddress.ToString();
|
||||
_users.UpdateUser(user);
|
||||
|
||||
// external roles
|
||||
// manage roles
|
||||
var _userRoles = httpContext.RequestServices.GetRequiredService<IUserRoleRepository>();
|
||||
var userRoles = _userRoles.GetUserRoles(user.UserId, user.SiteId).ToList();
|
||||
if (!string.IsNullOrEmpty(httpContext.GetSiteSettings().GetValue("ExternalLogin:RoleClaimType", "")))
|
||||
{
|
||||
// external roles
|
||||
if (claimsPrincipal.Claims.Any(item => item.Type == httpContext.GetSiteSettings().GetValue("ExternalLogin:RoleClaimType", "")))
|
||||
{
|
||||
var _roles = httpContext.RequestServices.GetRequiredService<IRoleRepository>();
|
||||
|
@ -590,6 +584,7 @@ namespace Oqtane.Extensions
|
|||
}
|
||||
}
|
||||
}
|
||||
userRoles = _userRoles.GetUserRoles(user.UserId, user.SiteId).ToList();
|
||||
}
|
||||
else
|
||||
{
|
||||
|
@ -597,6 +592,12 @@ namespace Oqtane.Extensions
|
|||
}
|
||||
}
|
||||
|
||||
// create claims identity
|
||||
identityuser = await _identityUserManager.FindByEmailAsync(user.Username);
|
||||
user.SecurityStamp = identityuser.SecurityStamp;
|
||||
identity = UserSecurity.CreateClaimsIdentity(alias, user, userRoles);
|
||||
identity.Label = ExternalLoginStatus.Success;
|
||||
|
||||
// user profile claims
|
||||
if (!string.IsNullOrEmpty(httpContext.GetSiteSettings().GetValue("ExternalLogin:ProfileClaimTypes", "")))
|
||||
{
|
||||
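Review bot: The added lookup `identityuser = await _identityUserManager.FindByEmailAsync(user.Username);` in the "create claims identity" block searches by email using a username, and the next line dereferences the result without a null check. When the username is not the account's email address the call returns null and `identityuser.SecurityStamp` throws during sign-in. If the username happens to equal another account's email, that account's stamp would be copied into this identity. The hunk at -431 appears to drop a `FindByNameAsync(username)` call, so the name lookup looks like the intended one: `identityuser = await _identityUserManager.FindByNameAsync(user.Username);`, followed by a guard that fails the login when `identityuser == null`. The enclosing method starts and ends outside the visible hunks.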
|
|
|
@ -32,7 +32,7 @@ namespace Oqtane.Security
|
|||
var user = userManager.GetUser(context.Principal.UserId(), alias.SiteId); // cached
|
||||
|
||||
// check if user is valid, not deleted, has roles, and security stamp has not changed
|
||||
if (user != null && !user.IsDeleted && user.Roles.Any() && context.Principal.SecurityStamp() == user.SecurityStamp)
|
||||
if (user != null && !user.IsDeleted && !string.IsNullOrEmpty(user.Roles) && context.Principal.SecurityStamp() == user.SecurityStamp)
|
||||
{
|
||||
// validate sitekey in case user has changed sites in installation
|
||||
if (context.Principal.SiteKey() != alias.SiteKey || !context.Principal.Roles().Any())
|
||||
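Review bot: The condition on the `if (user != null && !user.IsDeleted && ...` line accepts `context.Principal.SecurityStamp() == user.SecurityStamp` as proof the session is current, but nothing visible rejects a stamp that is empty on both sides. If the claim accessor returns null or an empty string when the claim is missing (its implementation is not shown here) and the cached user carries no stamp, the comparison passes and stamp-based revocation is silently skipped. Consider adding `!string.IsNullOrEmpty(user.SecurityStamp) &&` before the comparison. The enclosing method continues outside the hunk.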
|
|