View Source
Class AuthenticationController
Inheritance
System.Object
Microsoft.AspNetCore.Mvc.ControllerBase
Assembly: Umbraco.Web.BackOffice.dll
Syntax
[AngularJsonOnlyConfiguration]
public class AuthenticationController : UmbracoApiControllerBase
Constructors
View Source
AuthenticationController(IBackOfficeSecurityAccessor, IBackOfficeUserManager, IBackOfficeSignInManager, IUserService, ILocalizedTextService, IUmbracoMapper, IOptionsSnapshot<GlobalSettings>, IOptionsSnapshot<SecuritySettings>, ILogger<AuthenticationController>, IIpResolver, IOptionsSnapshot<UserPasswordConfigurationSettings>, IEmailSender, ISmsSender, IHostingEnvironment, LinkGenerator, IBackOfficeExternalLoginProviders, IBackOfficeTwoFactorOptions, IHttpContextAccessor, IOptions<WebRoutingSettings>, ITwoFactorLoginService)
Declaration
[ActivatorUtilitiesConstructor]
public AuthenticationController(IBackOfficeSecurityAccessor backofficeSecurityAccessor, IBackOfficeUserManager backOfficeUserManager, IBackOfficeSignInManager signInManager, IUserService userService, ILocalizedTextService textService, IUmbracoMapper umbracoMapper, IOptionsSnapshot<GlobalSettings> globalSettings, IOptionsSnapshot<SecuritySettings> securitySettings, ILogger<AuthenticationController> logger, IIpResolver ipResolver, IOptionsSnapshot<UserPasswordConfigurationSettings> passwordConfiguration, IEmailSender emailSender, ISmsSender smsSender, IHostingEnvironment hostingEnvironment, LinkGenerator linkGenerator, IBackOfficeExternalLoginProviders externalAuthenticationOptions, IBackOfficeTwoFactorOptions backOfficeTwoFactorOptions, IHttpContextAccessor httpContextAccessor, IOptions<WebRoutingSettings> webRoutingSettings, ITwoFactorLoginService twoFactorLoginService)
Parameters
Type |
Name |
Description |
IBackOfficeSecurityAccessor |
backofficeSecurityAccessor |
|
IBackOfficeUserManager |
backOfficeUserManager |
|
IBackOfficeSignInManager |
signInManager |
|
IUserService |
userService |
|
ILocalizedTextService |
textService |
|
IUmbracoMapper |
umbracoMapper |
|
Microsoft.Extensions.Options.IOptionsSnapshot<GlobalSettings> |
globalSettings |
|
Microsoft.Extensions.Options.IOptionsSnapshot<SecuritySettings> |
securitySettings |
|
Microsoft.Extensions.Logging.ILogger<AuthenticationController> |
logger |
|
IIpResolver |
ipResolver |
|
Microsoft.Extensions.Options.IOptionsSnapshot<UserPasswordConfigurationSettings> |
passwordConfiguration |
|
Microsoft.AspNetCore.Identity.IEmailSender |
emailSender |
|
ISmsSender |
smsSender |
|
IHostingEnvironment |
hostingEnvironment |
|
Microsoft.AspNetCore.Routing.LinkGenerator |
linkGenerator |
|
IBackOfficeExternalLoginProviders |
externalAuthenticationOptions |
|
IBackOfficeTwoFactorOptions |
backOfficeTwoFactorOptions |
|
Microsoft.AspNetCore.Http.IHttpContextAccessor |
httpContextAccessor |
|
Microsoft.Extensions.Options.IOptions<WebRoutingSettings> |
webRoutingSettings |
|
ITwoFactorLoginService |
twoFactorLoginService |
|
Methods
View Source
Get2FAProviders()
Used to retrieve the 2FA providers for code submission
Declaration
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public async Task<ActionResult<IEnumerable<string>>> Get2FAProviders()
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.ActionResult<IEnumerable<System.String>>> |
|
View Source
GetCurrentInvitedUser()
When a user is invited they are not approved but we need to resolve the partially logged on (non approved)
user.
Declaration
[Authorize(Policy = "BackOfficeAccessWithoutApproval")]
[Authorize(Policy = "DenyLocalLoginIfConfigured")]
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public ActionResult<UserDetail?> GetCurrentInvitedUser()
Returns
Type |
Description |
Microsoft.AspNetCore.Mvc.ActionResult<System.Nullable<UserDetail>> |
It returns a 403 error if the logged-in user has already been created.
|
View Source
GetCurrentUser()
Returns the currently logged in Umbraco user
Declaration
[Authorize(Policy = "BackOfficeAccess")]
[SetAngularAntiForgeryTokens]
public UserDetail? GetCurrentUser()
Returns
Type |
Description |
System.Nullable<UserDetail> |
|
View Source
GetPasswordConfig(Int32)
Returns the configuration for the backoffice user membership provider - used to configure the change password
dialog
Declaration
[AllowAnonymous]
[Authorize(Policy = "BackOfficeAccess")]
public IDictionary<string, object> GetPasswordConfig(int userId)
Parameters
Type |
Name |
Description |
System.Int32 |
userId |
|
Returns
Type |
Description |
IDictionary<System.String, System.Object> |
|
View Source
GetRemainingTimeoutSeconds()
Declaration
[HttpGet]
[AllowAnonymous]
public async Task<double> GetRemainingTimeoutSeconds()
Returns
Type |
Description |
Task<System.Double> |
|
View Source
IsAuthenticated()
Checks if the current user's cookie is valid and if so returns OK or a 400 (BadRequest)
Declaration
[HttpGet]
[AllowAnonymous]
public async Task<bool> IsAuthenticated()
Returns
Type |
Description |
Task<System.Boolean> |
|
View Source
PostLogin(LoginModel)
Declaration
[SetAngularAntiForgeryTokens]
[Authorize(Policy = "DenyLocalLoginIfConfigured")]
public async Task<ActionResult<UserDetail?>> PostLogin(LoginModel loginModel)
Parameters
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.ActionResult<System.Nullable<UserDetail>>> |
|
View Source
PostLogout()
Logs the current user out
Declaration
[ValidateAngularAntiForgeryToken]
[AllowAnonymous]
public async Task<IActionResult> PostLogout()
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.IActionResult> |
|
View Source
PostRequestPasswordReset(RequestPasswordResetModel)
Processes a password reset request. Looks for a match on the provided email address
and if found sends an email with a link to reset it
Declaration
[SetAngularAntiForgeryTokens]
[Authorize(Policy = "DenyLocalLoginIfConfigured")]
public async Task<IActionResult> PostRequestPasswordReset(RequestPasswordResetModel model)
Parameters
Type |
Name |
Description |
RequestPasswordResetModel |
model |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.IActionResult> |
|
View Source
PostSend2FACode(String)
Declaration
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public async Task<IActionResult> PostSend2FACode([FromBody] string provider)
Parameters
Type |
Name |
Description |
System.String |
provider |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.IActionResult> |
|
View Source
PostSetInvitedUserPassword(InvitePasswordModel)
When a user is invited and they click on the invitation link, they will be partially logged in
where they can set their username/password.
Declaration
[Authorize(Policy = "BackOfficeAccessWithoutApproval")]
[Authorize(Policy = "DenyLocalLoginIfConfigured")]
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public async Task<ActionResult<UserDetail?>> PostSetInvitedUserPassword(InvitePasswordModel invitePasswordModel)
Parameters
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.ActionResult<System.Nullable<UserDetail>>> |
The user model for the invited user.
|
View Source
PostSetPassword(SetPasswordModel)
Processes a set password request. Validates the request and sets a new password.
Declaration
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public async Task<IActionResult> PostSetPassword(SetPasswordModel model)
Parameters
Type |
Name |
Description |
SetPasswordModel |
model |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.IActionResult> |
|
View Source
PostUnLinkLogin(UnLinkLoginModel)
Declaration
[Authorize(Policy = "BackOfficeAccess")]
[ValidateAngularAntiForgeryToken]
public async Task<IActionResult> PostUnLinkLogin(UnLinkLoginModel unlinkLoginModel)
Parameters
Type |
Name |
Description |
UnLinkLoginModel |
unlinkLoginModel |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.IActionResult> |
|
View Source
PostVerify2FACode(Verify2FACodeModel)
Declaration
[SetAngularAntiForgeryTokens]
[AllowAnonymous]
public async Task<ActionResult<UserDetail?>> PostVerify2FACode(Verify2FACodeModel model)
Parameters
Type |
Name |
Description |
Verify2FACodeModel |
model |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.ActionResult<System.Nullable<UserDetail>>> |
|
View Source
PostVerifyInvite(Int32, String)
Checks if a valid token is specified for an invited user and if so logs the user in and returns the user object
Declaration
[ValidateAngularAntiForgeryToken]
[Authorize(Policy = "DenyLocalLoginIfConfigured")]
public async Task<ActionResult<UserDisplay?>> PostVerifyInvite([FromQuery] int id, [FromQuery] string token)
Parameters
Type |
Name |
Description |
System.Int32 |
id |
|
System.String |
token |
|
Returns
Type |
Description |
Task<Microsoft.AspNetCore.Mvc.ActionResult<System.Nullable<UserDisplay>>> |
|