Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Søren Kottal 544 posts 3599 karma points MVP 3x c-trib
    Jan 21, 2015 @ 09:06
    Søren Kottal
    0

    Frontend login for backend users

    I am trying to make backend users able to log in on the frontend. It seems to be working, but not when I use multiple domains in my Umbraco install.

    If I login to the backoffice at eg. domain1.com/umbraco and change a users password, then go to domain2.com/frontendlogin (eg) and use the users new password it doesn't work. If I reload (touch web.config) it works.

    This is my login code:

     

        var isLoggedIn = false;
    
        var err = "";
        var us = ApplicationContext.Current.Services.UserService;
    
        var cUser = UmbracoContext.Current.UmbracoUser;
        if (Request.Form["mode"] == "login")
        {
            var user = us.GetByUsername(Request.Form["user"]);
    
            if (user != null) {
                if (user.RawPasswordValue == hashPassword(Request.Form["password"]))
                {
                    UmbracoContext.Security.PerformLogin(user);
                    cUser = UmbracoContext.Current.UmbracoUser;
                    isLoggedIn = true;
                }
                else
                {
                    err = "Forkert adgangskode";
                }
            }
            else {
                err = "Forkert brugernavn";
            }
        }
    

     

    I have already tried to set ContinouslyUpdateXmlDiskCache and XmlContentCheckForDiskChanges to true in umbracoSettings.config.

     

    Do you guys have any experience with this?

  • Chriztian Steinmeier 2726 posts 8320 karma points MVP 5x admin c-trib
    Aug 09, 2017 @ 16:31
    Chriztian Steinmeier
    0

    Hi Søren,

    Did you get this to work?

    I'd love to see a working sample, as I'm currently trying to implement something similar (not with multiple domains, though).

    /Chriztian

  • Søren Kottal 544 posts 3599 karma points MVP 3x c-trib
    Aug 10, 2017 @ 06:24
    Søren Kottal
    101

    Oh, thats a long time ago :)

    I think I know what solution I needed it for, and looking at the source it seems like I changed the code to something like this

    var us = ApplicationContext.Current.Services.UserService;
    var cs = ApplicationContext.Current.Services.ContentService;
    var cUser = UmbracoContext.Security.CurrentUser;
    
    
    if (Request.Form["mode"] == "login")
    {
        var user = us.GetByUsername(Request.Form["user"]);
    
        if (user != null) {
    
            if (user.RawPasswordValue == hashPassword(Request.Form["password"]))
            {
                FormsAuthentication.SetAuthCookie("akut", true);
                Response.Redirect(Model.Content.Url);
    
            }
            else
            {
                err = "Forkert adgangskode";
            }
        }
        else {
            err = "Forkert brugernavn";
        }
    }
    

    --

    string hashPassword(string password)
    {
        HMACSHA1 hash = new HMACSHA1();
        hash.Key = Encoding.Unicode.GetBytes(password);
    
        string encodedPassword = Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
        return encodedPassword;
    }
    

    So as you can see, in stead of logging in using UmbracoContext.Security, I'm using FormsAuthentication, and then logging in with a member.

    It doesn't completely fix my problem, but was enough to get the job done at that time :)

Please Sign in or register to post replies

Write your reply to:

Draft