
Fixed user auth - Needed to set cookie from same domain as requester.

tags/2.0.3
Teknikode 4 years ago
parent
commit
f431ed4e67

+ 4
- 3
Teknik/Areas/Profile/Controllers/ProfileController.cs

@@ -138,10 +138,11 @@ namespace Teknik.Areas.Profile.Controllers
db.SaveChanges();
}
HttpCookie authcookie = FormsAuthentication.GetAuthCookie(model.Username, model.RememberMe);
authcookie.Name = ".TeknikAuth";
authcookie.Domain = Config.Host;
authcookie.Name = "TeknikAuth";
authcookie.HttpOnly = true;
authcookie.Secure = true;
Response.AppendCookie(authcookie);
authcookie.Domain = string.Format(".{0}", Config.Host);
Response.Cookies.Add(authcookie);

if (string.IsNullOrEmpty(model.ReturnUrl))
{
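Review bot: `authcookie.Domain = string.Format(".{0}", Config.Host)` scopes the forms-auth ticket to every subdomain of the host, so each subdomain, including any that serves user-supplied content, receives the session cookie and has to be trusted with it. That trade-off deserves a comment above the assignment, e.g. `// Parent-domain cookie: sent to every subdomain of Config.Host, so all of them must be trusted with the auth ticket.` The literal `authcookie.Name = "TeknikAuth"` also duplicates the `name` attribute of `<forms>` in Web.config, and if the two drift the forms-authentication module will stop recognising the cookie; `FormsAuthentication.GetAuthCookie` already names the cookie from configuration, so the line could be dropped or written as `authcookie.Name = FormsAuthentication.FormsCookieName;`. The page does not mark which lines are added, and the enclosing action starts and ends outside the hunk.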

+ 3
- 3
Teknik/Areas/Profile/ProfileAreaRegistration.cs

@@ -18,21 +18,21 @@ namespace Teknik.Areas.Profile
{
context.MapSubdomainRoute(
"Profile.Login", // Route name
new List<string>() { "dev", "profile" }, // Subdomains
new List<string>() { "dev", "profile", "www", string.Empty }, // Subdomains
"Login", // URL with parameters
new { controller = "Profile", action = "Login" }, // Parameter defaults
new[] { typeof(Controllers.ProfileController).Namespace }
);
context.MapSubdomainRoute(
"Profile.Logout", // Route name
new List<string>() { "dev", "profile" }, // Subdomains
new List<string>() { "dev", "profile", "www", string.Empty }, // Subdomains
"Logout", // URL with parameters
new { controller = "Profile", action = "Logout" }, // Parameter defaults
new[] { typeof(Controllers.ProfileController).Namespace }
);
context.MapSubdomainRoute(
"Profile.Register", // Route name
new List<string>() { "dev", "profile" }, // Subdomains
new List<string>() { "dev", "profile", "www", string.Empty }, // Subdomains
"Register", // URL with parameters
new { controller = "Profile", action = "Register" }, // Parameter defaults
new[] { typeof(Controllers.ProfileController).Namespace }
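Review bot: The subdomain list `new List<string>() { "dev", "profile", "www", string.Empty }` is repeated verbatim in the Login, Logout and Register registrations, so a later change to where the auth endpoints are reachable has to be made in three places and can leave one route behind. Declare it once above the calls, `var authSubdomains = new List<string> { "dev", "profile", "www", string.Empty };`, and pass it to each `MapSubdomainRoute`; whether that helper keeps a reference to the list is not visible here, so pass a copy if it does. A short comment on what `string.Empty` stands for (presumably the bare host) would also help the next reader judge which hosts can reach these actions. The registration method starts and ends outside the hunk.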

+ 3
- 0
Teknik/Areas/Profile/Views/Profile/Index.cshtml

@@ -22,7 +22,10 @@
{
<li class="list-group-item text-right"><span class="pull-left"><strong>Last Seen</strong></span> <time datetime="@Model.LastSeen.ToString("o")">@Model.LastSeen.ToString("MMMM dd, yyyy")</time></li>
}
@if (!string.IsNullOrEmpty(Model.Email))
{
<li class="list-group-item text-right"><span class="pull-left"><strong>Email</strong></span> <a href="mailto:@Model.Email">@Model.Email</a></li>
}
<li class="list-group-item text-right"><span class="pull-left"><strong>Blog</strong></span> <a href="@Url.SubRouteUrl("blog", "Blog.Blog", new { username = Model.Username })" id="blog_title">@(string.IsNullOrEmpty(Model.BlogSettings.Title) ? string.Format("{0}'s Blog", Model.Username) : Model.BlogSettings.Title)</a></li>
<li class="list-group-item text-right"><span class="pull-left"><strong>Git</strong></span> <a href="@Url.SubRouteUrl("git", "Git.Index", new { username = Model.Username })">Public Repos</a></li>
</ul>
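Review bot: The Email row is guarded only by `@if (!string.IsNullOrEmpty(Model.Email))`, so the address is rendered for whoever can load the profile; nothing in the hunk shows an owner check or a per-user opt-in, and that should be confirmed as intended. `href="mailto:@Model.Email"` is HTML-encoded by Razor but not URI-escaped, so a stored value containing `?` or `&` would add header fields to the link unless the address is validated as a bare address before it is saved, which is not visible here. A Razor comment above the block would record both assumptions, e.g. `@* Email is shown to every viewer of the profile; the stored value must already be validated as a bare address. *@`. The section adds three lines around this row, and the page does not mark which ones.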

+ 1
- 1
Teknik/Areas/Profile/Views/Profile/Login.cshtml

@@ -2,7 +2,7 @@

@if (Model.Config.UserConfig.LoginEnabled)
{
<form role="form" id="loginForm" action="@Url.SubRouteUrl("profile", "Profile.Login")" method="post" accept-charset="UTF-8">
<form role="form" id="loginForm" action="@Url.SubRouteUrl("www", "Profile.Login")" method="post" accept-charset="UTF-8">
<input name="ReturnUrl" id="ReturnUrl" type="hidden" value="@Model.ReturnUrl" />
<div class="form-group">
<input type="text" class="form-control" id="Username" value="" placeholder="Username" name="Username" data-val-required="The Username field is required." data-val="true" />
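Review bot: The `ReturnUrl` hidden field round-trips a caller-supplied value, and with the form posting to the `www` subdomain the login action should confirm that the value points at the site's own host or subdomains before redirecting to it. That check belongs in ProfileController, whose redirect branch is outside what this page shows. The subdomain in `@Url.SubRouteUrl("www", "Profile.Login")` is also a bare literal that must stay in step with the list in ProfileAreaRegistration.cs; a comment such as `@* "www" must be one of the subdomains registered for Profile.Login *@` would record that. Both points apply equally to the Register.cshtml section, and the form continues past the end of the hunk.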

+ 1
- 1
Teknik/Areas/Profile/Views/Profile/Register.cshtml

@@ -2,7 +2,7 @@

@if (Model.Config.UserConfig.RegistrationEnabled)
{
<form role="form" id="registrationForm" action="@Url.SubRouteUrl("profile", "Profile.Register")" method="post" accept-charset="UTF-8">
<form role="form" id="registrationForm" action="@Url.SubRouteUrl("www", "Profile.Register")" method="post" accept-charset="UTF-8">
<input name="ReturnUrl" id="ReturnUrl" type="hidden" value="@Model.ReturnUrl" />
<div class="form-group">
<input type="text" class="form-control" id="Username" value="" placeholder="Username" name="Username" data-val-required="The Username field is required." data-val="true"/>

+ 1
- 1
Teknik/Web.config

@@ -19,7 +19,7 @@
<system.web>
<customErrors mode="Off" />
<authentication mode="Forms">
<forms domain=".teknik.io" path="/" timeout="2880" requireSSL="true" enableCrossAppRedirects="true" name=".TeknikAuth" />
<forms domain=".teknik.io" protection="All" enableCrossAppRedirects="true" name="TeknikAuth" />
</authentication>
<compilation debug="true" targetFramework="4.5.2" />
<httpRuntime targetFramework="4.5.2" maxRequestLength="1048576" />
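Review bot: The `<forms>` element that carries `protection="All"` no longer has `requireSSL="true"`, so only the cookie built by the login action (which sets `Secure` by hand) is guaranteed the Secure flag; a ticket re-issued by the forms-authentication module on sliding expiration takes its flag from this setting. Keep the attribute: `<forms domain=".teknik.io" protection="All" requireSSL="true" enableCrossAppRedirects="true" name="TeknikAuth" />`. Dropping `timeout="2880"` also returns the ticket lifetime to the framework default, which may or may not be intended. The page does not mark old and new lines, so this assumes the second `<forms>` line is the new one.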
