View Source

Class BackOfficeUserManager

Inheritance
object
UserManager<BackOfficeIdentityUser>
UmbracoUserManager<BackOfficeIdentityUser, UserPasswordConfigurationSettings>
Namespace: Umbraco.Cms.Web.Common.Security
Assembly: Umbraco.Web.Common.dll
Syntax
public class BackOfficeUserManager : UmbracoUserManager<BackOfficeIdentityUser, UserPasswordConfigurationSettings>, IBackOfficeUserManager, IUmbracoUserManager<BackOfficeIdentityUser>, ICoreBackOfficeUserManager

Constructors

View Source

BackOfficeUserManager(IIpResolver, IUserStore<BackOfficeIdentityUser>, IOptions<BackOfficeIdentityOptions>, IPasswordHasher<BackOfficeIdentityUser>, IEnumerable<IUserValidator<BackOfficeIdentityUser>>, IEnumerable<IPasswordValidator<BackOfficeIdentityUser>>, BackOfficeErrorDescriber, IServiceProvider, IHttpContextAccessor, ILogger<UserManager<BackOfficeIdentityUser>>, IOptions<UserPasswordConfigurationSettings>, IEventAggregator, IBackOfficeUserPasswordChecker, IOptions<GlobalSettings>)

Declaration
public BackOfficeUserManager(IIpResolver ipResolver, IUserStore<BackOfficeIdentityUser> store, IOptions<BackOfficeIdentityOptions> optionsAccessor, IPasswordHasher<BackOfficeIdentityUser> passwordHasher, IEnumerable<IUserValidator<BackOfficeIdentityUser>> userValidators, IEnumerable<IPasswordValidator<BackOfficeIdentityUser>> passwordValidators, BackOfficeErrorDescriber errors, IServiceProvider services, IHttpContextAccessor httpContextAccessor, ILogger<UserManager<BackOfficeIdentityUser>> logger, IOptions<UserPasswordConfigurationSettings> passwordConfiguration, IEventAggregator eventAggregator, IBackOfficeUserPasswordChecker backOfficeUserPasswordChecker, IOptions<GlobalSettings> globalSettings)
Parameters
Type Name Description
IIpResolver ipResolver
IUserStore<BackOfficeIdentityUser> store
IOptions<BackOfficeIdentityOptions> optionsAccessor
IPasswordHasher<BackOfficeIdentityUser> passwordHasher
IEnumerable<IUserValidator<BackOfficeIdentityUser>> userValidators
IEnumerable<IPasswordValidator<BackOfficeIdentityUser>> passwordValidators
BackOfficeErrorDescriber errors
IServiceProvider services
IHttpContextAccessor httpContextAccessor
ILogger<UserManager<BackOfficeIdentityUser>> logger
IOptions<UserPasswordConfigurationSettings> passwordConfiguration
IEventAggregator eventAggregator
IBackOfficeUserPasswordChecker backOfficeUserPasswordChecker
IOptions<GlobalSettings> globalSettings

Methods

View Source

AccessFailedAsync(BackOfficeIdentityUser)

Overrides the Microsoft ASP.NET user management method

Declaration
public override Task<IdentityResult> AccessFailedAsync(BackOfficeIdentityUser user)
Parameters
Type Name Description
BackOfficeIdentityUser user
Returns
Type Description
Task<IdentityResult>
View Source

ChangePasswordAsync(BackOfficeIdentityUser, string, string)

Declaration
public override Task<IdentityResult> ChangePasswordAsync(BackOfficeIdentityUser user, string currentPassword, string newPassword)
Parameters
Type Name Description
BackOfficeIdentityUser user
string currentPassword
string newPassword
Returns
Type Description
Task<IdentityResult>
View Source

ChangePasswordWithResetAsync(string, string, string)

This is a special method that will reset the password but will raise the Password Changed event instead of the reset event

Declaration
public override Task<IdentityResult> ChangePasswordWithResetAsync(string userId, string token, string newPassword)
Parameters
Type Name Description
string userId

The userId
string token

The reset password token
string newPassword

The new password to set it to
Returns
Type Description
Task<IdentityResult>

The Microsoft.AspNetCore.Identity.IdentityResult
Remarks

We use this because in the back office the only way an admin can change another user's password without first knowing their password is to generate a token and reset it, however, when we do this we want to track a password change, not a password reset

View Source

CreateAsync(UserCreateModel)

Creates a new back office user.

Declaration
public Task<IdentityCreationResult> CreateAsync(UserCreateModel createModel)
Parameters
Type Name Description
UserCreateModel createModel

The model containing the user creation details.
Returns
Type Description
Task<IdentityCreationResult>

A task that resolves to the result of the user creation operation.
View Source

CreateForInvite(UserCreateModel)

Creates a user for an invite. This means that the password will not be populated.

Declaration
public Task<IdentityCreationResult> CreateForInvite(UserCreateModel createModel)
Parameters
Type Name Description
UserCreateModel createModel

The model containing the user creation details.
Returns
Type Description
Task<IdentityCreationResult>

A task that resolves to the result of the user creation operation.
View Source

GenerateEmailConfirmationTokenAsync(IUser)

Generates an email confirmation token for the specified user.

Declaration
public Task<Attempt<string, UserOperationStatus>> GenerateEmailConfirmationTokenAsync(IUser user)
Parameters
Type Name Description
IUser user

The user to generate the token for.
Returns
Type Description
Task<Attempt<string, UserOperationStatus>>

An attempt containing the generated token or an error status.
View Source

GeneratePasswordResetTokenAsync(IUser)

Generates a password reset token for the specified user.

Declaration
public Task<Attempt<string, UserOperationStatus>> GeneratePasswordResetTokenAsync(IUser user)
Parameters
Type Name Description
IUser user

The user to generate the token for.
Returns
Type Description
Task<Attempt<string, UserOperationStatus>>

An attempt containing the generated token or an error status.
View Source

GetLoginsAsync(IUser)

Gets all external logins associated with the specified user.

Declaration
public Task<Attempt<ICollection<IIdentityUserLogin>, UserOperationStatus>> GetLoginsAsync(IUser user)
Parameters
Type Name Description
IUser user

The user to get logins for.
Returns
Type Description
Task<Attempt<ICollection<IIdentityUserLogin>, UserOperationStatus>>

An attempt containing the collection of logins or an error status.
View Source

IsEmailConfirmationTokenValidAsync(IUser, string)

Validates whether the email confirmation token is valid for the specified user.

Declaration
public Task<bool> IsEmailConfirmationTokenValidAsync(IUser user, string token)
Parameters
Type Name Description
IUser user

The user to validate the token for.
string token

The token to validate.
Returns
Type Description
Task<bool>

true if the token is valid; otherwise, false.
View Source

IsResetPasswordTokenValidAsync(IUser, string)

Validates whether the password reset token is valid for the specified user.

Declaration
public Task<bool> IsResetPasswordTokenValidAsync(IUser user, string token)
Parameters
Type Name Description
IUser user

The user to validate the token for.
string token

The token to validate.
Returns
Type Description
Task<bool>

true if the token is valid; otherwise, false.
View Source

NotifyAccountLocked(IPrincipal?, string?)

Declaration
public void NotifyAccountLocked(IPrincipal? currentUser, string? userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyAccountUnlocked(IPrincipal?, string)

Declaration
public void NotifyAccountUnlocked(IPrincipal? currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyForgotPasswordChanged(IPrincipal, string)

Notifies the system that a user's password has been changed as a result of completing the forgot password process.

Declaration
public void NotifyForgotPasswordChanged(IPrincipal currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser

The principal representing the user performing the notification action.
string userId

The unique identifier of the user whose password was changed.
View Source

NotifyForgotPasswordRequested(IPrincipal, string)

Notifies the system that a forgot password request has been made for a back office user.

Declaration
public void NotifyForgotPasswordRequested(IPrincipal currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser

The principal representing the user initiating the notification, typically an administrator or system process.
string userId

The unique identifier of the user for whom the password reset was requested.
View Source

NotifyLoginFailed(IPrincipal?, string)

Declaration
public void NotifyLoginFailed(IPrincipal? currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyLoginRequiresVerification(IPrincipal, string?)

Declaration
public void NotifyLoginRequiresVerification(IPrincipal currentUser, string? userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyLoginSuccess(IPrincipal, string)

Declaration
public void NotifyLoginSuccess(IPrincipal currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyLogoutSuccess(IPrincipal, string?)

Notifies the system that a logout operation has succeeded for a specified user.

Declaration
public SignOutSuccessResult NotifyLogoutSuccess(IPrincipal currentUser, string? userId)
Parameters
Type Name Description
IPrincipal currentUser

The principal representing the user performing the logout.
string userId

The optional identifier of the user who logged out; may be null.
Returns
Type Description
SignOutSuccessResult

A SignOutSuccessResult representing the outcome of the logout notification.
View Source

NotifyPasswordChanged(IPrincipal?, string)

Declaration
public void NotifyPasswordChanged(IPrincipal? currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyPasswordReset(IPrincipal?, string)

Declaration
public void NotifyPasswordReset(IPrincipal? currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

NotifyResetAccessFailedCount(IPrincipal?, string)

Declaration
public void NotifyResetAccessFailedCount(IPrincipal? currentUser, string userId)
Parameters
Type Name Description
IPrincipal currentUser
string userId
View Source

ResetAccessFailedCountAsync(BackOfficeIdentityUser)

Declaration
public override Task<IdentityResult> ResetAccessFailedCountAsync(BackOfficeIdentityUser user)
Parameters
Type Name Description
BackOfficeIdentityUser user
Returns
Type Description
Task<IdentityResult>
View Source

SetLockoutEndDateAsync(BackOfficeIdentityUser, DateTimeOffset?)

Declaration
public override Task<IdentityResult> SetLockoutEndDateAsync(BackOfficeIdentityUser user, DateTimeOffset? lockoutEnd)
Parameters
Type Name Description
BackOfficeIdentityUser user
DateTimeOffset? lockoutEnd
Returns
Type Description
Task<IdentityResult>
View Source

UnlockUser(IUser)

Unlocks the specified user account.

Declaration
public Task<Attempt<UserUnlockResult, UserOperationStatus>> UnlockUser(IUser user)
Parameters
Type Name Description
IUser user

The user to unlock.
Returns
Type Description
Task<Attempt<UserUnlockResult, UserOperationStatus>>

An attempt containing the unlock result or an error status.
View Source

VerifyPasswordAsync(IUserPasswordStore<BackOfficeIdentityUser>, BackOfficeIdentityUser, string)

Override to allow checking the password via the IBackOfficeUserPasswordChecker if one is configured

Declaration
protected override Task<PasswordVerificationResult> VerifyPasswordAsync(IUserPasswordStore<BackOfficeIdentityUser> store, BackOfficeIdentityUser user, string password)
Parameters
Type Name Description
IUserPasswordStore<BackOfficeIdentityUser> store
BackOfficeIdentityUser user
string password
Returns
Type Description
Task<PasswordVerificationResult>