Prevent External Users Registration
Fix #17048
MikeAlhayek committed Nov 23, 2024
1 parent 5dc244b commit c065fc6
Showing 26 changed files with 364 additions and 230 deletions.
Expand Up @@ -4,7 +4,7 @@

namespace OrchardCore.ReCaptcha.Users.Handlers;

public class LoginFormEventEventHandler : ILoginFormEvent
public class LoginFormEventEventHandler : LoginFormEventBase
{
private readonly ReCaptchaService _reCaptchaService;

Expand All @@ -13,17 +13,14 @@ public LoginFormEventEventHandler(ReCaptchaService reCaptchaService)
_reCaptchaService = reCaptchaService;
}

public Task IsLockedOutAsync(IUser user)
=> Task.CompletedTask;

public Task LoggedInAsync(IUser user)
public override Task LoggedInAsync(IUser user)
{
_reCaptchaService.ThisIsAHuman();

return Task.CompletedTask;
}

public Task LoggingInAsync(string userName, Action<string, string> reportError)
public override Task LoggingInAsync(string userName, Action<string, string> reportError)
{
if (_reCaptchaService.IsThisARobot())
{
Expand All @@ -33,14 +30,14 @@ public Task LoggingInAsync(string userName, Action<string, string> reportError)
return Task.CompletedTask;
}

public Task LoggingInFailedAsync(string userName)
public override Task LoggingInFailedAsync(string userName)
{
_reCaptchaService.MaybeThisIsARobot();

return Task.CompletedTask;
}

public Task LoggingInFailedAsync(IUser user)
public override Task LoggingInFailedAsync(IUser user)
{
_reCaptchaService.MaybeThisIsARobot();

@@ -1,6 +1,7 @@
using System.Security.Claims;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.DependencyInjection;
using OrchardCore.AuditTrail.Services;
using OrchardCore.AuditTrail.Services.Models;
Expand Down Expand Up @@ -70,10 +71,17 @@ public Task DeletedAsync(UserDeleteContext context)

#region Unused user events

public Task CreatingAsync(UserCreateContext context) => Task.CompletedTask;
public Task UpdatingAsync(UserUpdateContext context) => Task.CompletedTask;
public Task DeletingAsync(UserDeleteContext context) => Task.CompletedTask;
public Task ConfirmedAsync(UserConfirmContext context) => Task.CompletedTask;
public Task CreatingAsync(UserCreateContext context)
=> Task.CompletedTask;

public Task UpdatingAsync(UserUpdateContext context)
=> Task.CompletedTask;

public Task DeletingAsync(UserDeleteContext context)
=> Task.CompletedTask;

public Task ConfirmedAsync(UserConfirmContext context)
=> Task.CompletedTask;

#endregion

Expand Down Expand Up @@ -115,4 +123,10 @@ await _auditTrailManager.RecordEventAsync(
}
));
}

public Task<IActionResult> LoggingInAsync()
=> Task.FromResult<IActionResult>(null);

public Task<IActionResult> LoggingInAsync(IUser user)
=> Task.FromResult<IActionResult>(null);
}
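Review bot: The two `LoggingInAsync` overloads added at the end of the class return a null `IActionResult` with no comment, and judging by the controller change in this commit a null result is what lets the sign-in proceed, so the meaning of that return value should be written down where it is produced. A one-line comment above them such as `// Returning null never blocks the sign-in; this handler only records audit events.` would make the contract explicit for the next person who copies these stubs into a handler that is supposed to gate logins.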
Expand Up @@ -134,18 +134,25 @@ public async Task<IActionResult> LoginPOST(string returnUrl = null)
var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, lockoutOnFailure: true);
if (result.Succeeded)
{
if (!await AddConfirmEmailErrorAsync(user) && !AddUserEnabledError(user, S))
foreach (var handler in _accountEvents)
{
result = await _signInManager.PasswordSignInAsync(user, model.Password, model.RememberMe, lockoutOnFailure: true);
var loginResult = await handler.LoggingInAsync(user);

if (result.Succeeded)
if (loginResult != null)
{
_logger.LogInformation(1, "User logged in.");
await _accountEvents.InvokeAsync((e, user) => e.LoggedInAsync(user), user, _logger);

return await LoggedInActionResultAsync(user, returnUrl);
return loginResult;
}
}

result = await _signInManager.PasswordSignInAsync(user, model.Password, model.RememberMe, lockoutOnFailure: true);

if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
await _accountEvents.InvokeAsync((e, user) => e.LoggedInAsync(user), user, _logger);

return await LoggedInActionResultAsync(user, returnUrl);
}
}

if (result.RequiresTwoFactor)
Expand Down Expand Up @@ -246,20 +253,4 @@ public IActionResult ExternalLogin()
[Obsolete("This method will be removed in version 3. Instead please use UserManagerHelper.UpdateUserPropertiesAsync(userManager, user, context).")]
public static Task<bool> UpdateUserPropertiesAsync(UserManager<IUser> userManager, User user, UpdateUserContext context)
=> UserManagerHelper.UpdateUserPropertiesAsync(userManager, user, context);

private async Task<bool> AddConfirmEmailErrorAsync(IUser user)
{
if (_registrationOptions.UsersMustValidateEmail)
{
// Require that the users have a confirmed email before they can log on.
if (!await _userManager.IsEmailConfirmedAsync(user))
{
ModelState.AddModelError(string.Empty, S["You must confirm your email."]);

return true;
}
}

return false;
}
}
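Review bot: The e-mail-confirmation and enabled-user gates that used to be inline in `LoginPOST` now depend entirely on some `_accountEvents` handler returning a non-null result from `LoggingInAsync(user)` in the new `foreach`; if every handler returns `null`, or the relevant handler is not registered, execution falls through to `PasswordSignInAsync`, so the default is to allow. The handlers that take over those checks are not visible in this section, so it is worth confirming they are registered unconditionally rather than only when an optional feature is enabled. A refused sign-in also returns without any log entry; adding `_logger.LogWarning("Sign-in blocked by {Handler}.", handler.GetType().Name);` before `return loginResult;` would keep these denials visible to monitoring. `LoginPOST` begins and ends outside the hunk.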