Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • Ghufran Ahmad 17 posts 73 karma points
    Apr 08, 2015 @ 08:09
    Ghufran Ahmad
    1

    How to validate back office users outside the umbraco

    Hi,

    I want to validate back office users through custom log in page where user will put his/her username and password where I want to check user's details are valid or not

    I tried this

    using umbraco.BusinessLogic;

    User u = User.GetUser(User.getUserId(strEmail));

    if (u.LoginName.Equals(strEmail) && u.Password.Equals(strPass))

    {

    valid user
    

    }

    else {

    invalid user
    

    }

    It is giving always invalid

    Can any one please help me

  • Jeroen Breuer 4861 posts 12131 karma points MVP 3x admin c-trib
    Apr 08, 2015 @ 11:30
    Jeroen Breuer
    0

    Hello,

    Have a look at the PostLogin method here: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/AuthenticationController.cs#L103.

    That's the method Umbraco actually uses to login into the backoffice. So you can probably do something like this:

    if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password))
    {
        //Valid user
    }
    else
    {
        //Invalid user
    }

    If UmbracoContext is not available like in the above example try UmbracoContext.Current.Security.ValidateBackOfficeCredentials(strEmail, strPass).

    Jeroen

  • Ghufran Ahmad 17 posts 73 karma points
    Apr 08, 2015 @ 12:24
    Ghufran Ahmad
    0

    Thanks Jeroen!

    but still not getting UmbracoContext then I tried Umbraco.Web.UmbracoContext.Current.Security.ValidateUserContextId not getting "ValidateBackOfficeCredentials" method

    Thank you

  • Jeroen Breuer 4861 posts 12131 karma points MVP 3x admin c-trib
    Apr 08, 2015 @ 12:31
    Jeroen Breuer
    0

    Hello,

    What version of Umbraco are you using? I just tried it on 7.2.4 and there the ValidateBackOfficeCredentials method is available just like ValidateCurrentUser and ValidateUserContextId.

    Jeroen

  • Ghufran Ahmad 17 posts 73 karma points
    Apr 08, 2015 @ 12:47
    Ghufran Ahmad
    0

    Thanks Jeroen for quick reply

    I am using 7.2.0

    Available methods under UmbracoContext.Current.Security

    using System;
    
    using System.Collections.Generic;
    
    using System.Web;
    
    using umbraco.BusinessLogic;
    
    
    
    namespace Umbraco.Web.Security
    {
        public class WebSecurity
        {
            public WebSecurity();
    
            public string UmbracoUserContextId { get; set; }
    
            public void ClearCurrentLogin();
            public int GetUserId(string umbracoUserContextId);
            public bool IsMemberAuthorized(bool allowAll = false, IEnumerable<string> allowTypes = null, IEnumerable<string> allowGroups = null, IEnumerable<int> allowMembers = null);
            public void PerformLogin(int userId);
            public void RenewLoginTimeout();
            public bool ValidateUserContextId(string currentUmbracoUserContextId);
        }
    }
    
  • Jeroen Breuer 4861 posts 12131 karma points MVP 3x admin c-trib
    Apr 08, 2015 @ 12:51
    Jeroen Breuer
    0

    Hmm I don't understand why you can't see them. If you look in the source code it's clearly there: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Security/WebSecurity.cs#L150.

    Jeroen

  • Ghufran Ahmad 17 posts 73 karma points
    Apr 08, 2015 @ 13:57
    Ghufran Ahmad
    0

    Actually the issue due to assembly version I have Used the dlls from umbraco version 6.1.6 in my project

    umbraco.dll

    businesslogic.dll

    Umbraco.Core.dll

    But when trying to update these dlls from 7.2.0 it throwing some other errors

    am using this code snippet for getting current User

    umbraco.BusinessLogic.User u = umbraco.helper.GetCurrentUmbracoUser();

    here it is showing umbraco does not exist

  • Jeroen Breuer 4861 posts 12131 karma points MVP 3x admin c-trib
    Apr 08, 2015 @ 14:09
    Jeroen Breuer
    0

    Hmm Umbraco 6.1.6 dll's for a reference is not a good idea. You should reference to the 7.2 dll's from the bin folder of your website. If you get errors that's probably because you were referencing to old dll's and those methods changed. I don't know if I can help you with that.

    Jeroen

  • Ghufran Ahmad 17 posts 73 karma points
    Apr 08, 2015 @ 14:15
    Ghufran Ahmad
    0

    Thanks a lot

    Can you please suggest how to get current user using 7.2 dll's

    in similar manner which is present in 6.1.6

    umbraco.BusinessLogic.User u = umbraco.helper.GetCurrentUmbracoUser();

  • Jeroen Breuer 4861 posts 12131 karma points MVP 3x admin c-trib
    Apr 08, 2015 @ 14:17
    Jeroen Breuer
    0

    Try this:

    var user = Security.GetBackOfficeUser(loginModel.Username);

    I copied it from the source code: https://github.com/umbraco/Umbraco-CMS/blob/dev-v7/src/Umbraco.Web/Editors/AuthenticationController.cs#L107

    If Security is not available try Umbraco.Web.UmbracoContext.Current.Security.

    Jeroen

  • Daniel 44 posts 187 karma points
    Jul 31, 2015 @ 14:33
    Daniel
    0

    This was an interesting topic and pretty much exactly what I'm trying to achieve. I feel like I'm so close, but can't quite get there!

    Calling UmbracoContext.Current.Security.ValidateBackOfficeCredentials(strEmail, strPass) works fine and returns true for my credentials, but that method doesn't seem to actually log the user in. Calling helper.GetCurrentUmbracoUser(); returns null and trying to access the Umbraco backoffice just redirects me to the login page.

    I would like to call the method Security.GetBackOfficeUser(loginModel.Username); as suggested in the latest reply but that method is internal in the umbraco code and doesn't seem to be accessible in a compiled umbraco project (internal IUser GetBackOfficeUser(string username))

    To login I think the best way would be to call the PostLogin method in Umbraco.Web\Editors\AuthenticationController.cs, but I can't seem to be able to access that method either.

    Any ideas?

    Thanks, Daniel

  • Arthur 10 posts 80 karma points
    Sep 10, 2018 @ 12:55
    Arthur
    0
    public override Task<bool> CheckPasswordAsync(BackOfficeIdentityUser user, string password)
        {
            var userService = ApplicationContext.Current.Services.UserService;
    
            try
            {
    
                var userStatus = (userService.GetByEmail(user.Email.ToString()) != null) ? true : false;
    
                var userLogin =  UmbracoContext.Current.Security.PerformLogin(user.Id);
    
                var user = ApplicationContext.Services.UserService.GetUserById(id);
    
                return Task.FromResult(userStatus);
    
            }
    
            catch (Exception)
            {
    
                //throw;
            }
            return Task.FromResult(false);
    
        }
    

    I am having same issue. userStatus shows true since user exists in database however, performlogin does not happen and return user=null when i check umbTicket status.

                      if (UmbracoContext.Security.ValidateBackOfficeCredentials(loginModel.Username, loginModel.Password))
                    {
    
                        var httpCtxWrapper = new System.Web.HttpContextWrapper(System.Web.HttpContext.Current);
                        var umbTicket = httpCtxWrapper.GetUmbracoAuthTicket();
    
                        var loginUser = userService.GetByUsername(umbTicket.Name); 
    
                    }
    

    any idea. thanks

Please Sign in or register to post replies

Write your reply to:

Draft