Hello,

Have a look at the PostLogin method here: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/AuthenticationController.cs#L103.

That's the method Umbraco actually uses to login into the backoffice. So you can probably do something like this:

if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password))
{
    //Valid user
}
else
{
    //Invalid user
}

If UmbracoContext is not available like in the above example try UmbracoContext.Current.Security.ValidateBackOfficeCredentials(strEmail, strPass).

Jeroen

Thanks Jeroen!

but still not getting UmbracoContext then I tried Umbraco.Web.UmbracoContext.Current.Security.ValidateUserContextId not getting "ValidateBackOfficeCredentials" method

Thank you

Hello,

What version of Umbraco are you using? I just tried it on 7.2.4 and there the ValidateBackOfficeCredentials method is available just like ValidateCurrentUser and ValidateUserContextId.

Jeroen

Thanks Jeroen for quick reply

I am using 7.2.0

Available methods under UmbracoContext.Current.Security

using System;

using System.Collections.Generic;

using System.Web;

using umbraco.BusinessLogic;



namespace Umbraco.Web.Security
{
    public class WebSecurity
    {
        public WebSecurity();

        public string UmbracoUserContextId { get; set; }

        public void ClearCurrentLogin();
        public int GetUserId(string umbracoUserContextId);
        public bool IsMemberAuthorized(bool allowAll = false, IEnumerable<string> allowTypes = null, IEnumerable<string> allowGroups = null, IEnumerable<int> allowMembers = null);
        public void PerformLogin(int userId);
        public void RenewLoginTimeout();
        public bool ValidateUserContextId(string currentUmbracoUserContextId);
    }
}

Hmm I don't understand why you can't see them. If you look in the source code it's clearly there: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Security/WebSecurity.cs#L150.

Jeroen

Actually the issue due to assembly version I have Used the dlls from umbraco version 6.1.6 in my project

umbraco.dll

businesslogic.dll

Umbraco.Core.dll

But when trying to update these dlls from 7.2.0 it throwing some other errors

am using this code snippet for getting current User

umbraco.BusinessLogic.User u = umbraco.helper.GetCurrentUmbracoUser();

here it is showing umbraco does not exist

Hmm Umbraco 6.1.6 dll's for a reference is not a good idea. You should reference to the 7.2 dll's from the bin folder of your website. If you get errors that's probably because you were referencing to old dll's and those methods changed. I don't know if I can help you with that.

Jeroen

Thanks a lot

Can you please suggest how to get current user using 7.2 dll's

in similar manner which is present in 6.1.6

umbraco.BusinessLogic.User u = umbraco.helper.GetCurrentUmbracoUser();

Try this:

var user = Security.GetBackOfficeUser(loginModel.Username);

I copied it from the source code: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/AuthenticationController.cs#L107

If Security is not available try Umbraco.Web.UmbracoContext.Current.Security.

Jeroen

This was an interesting topic and pretty much exactly what I'm trying to achieve. I feel like I'm so close, but can't quite get there!

Calling UmbracoContext.Current.Security.ValidateBackOfficeCredentials(strEmail, strPass) works fine and returns true for my credentials, but that method doesn't seem to actually log the user in. Calling helper.GetCurrentUmbracoUser(); returns null and trying to access the Umbraco backoffice just redirects me to the login page.

I would like to call the method Security.GetBackOfficeUser(loginModel.Username); as suggested in the latest reply but that method is internal in the umbraco code and doesn't seem to be accessible in a compiled umbraco project (internal IUser GetBackOfficeUser(string username))

To login I think the best way would be to call the PostLogin method in Umbraco.Web\Editors\AuthenticationController.cs, but I can't seem to be able to access that method either.

Any ideas?

Thanks, Daniel

public override Task<bool> CheckPasswordAsync(BackOfficeIdentityUser user, string password)
    {
        var userService = ApplicationContext.Current.Services.UserService;

        try
        {

            var userStatus = (userService.GetByEmail(user.Email.ToString()) != null) ? true : false;

            var userLogin =  UmbracoContext.Current.Security.PerformLogin(user.Id);

            var user = ApplicationContext.Services.UserService.GetUserById(id);

            return Task.FromResult(userStatus);

        }

        catch (Exception)
        {

            //throw;
        }
        return Task.FromResult(false);

    }

I am having same issue. userStatus shows true since user exists in database however, performlogin does not happen and return user=null when i check umbTicket status.

                  if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password))
                {

                    var httpCtxWrapper = new System.Web.HttpContextWrapper(System.Web.HttpContext.Current);
                    var umbTicket = httpCtxWrapper.GetUmbracoAuthTicket();

                    var loginUser = userService.GetByUsername(umbTicket.Name); 

                }

any idea. thanks

is working on a reply...