persist login. allow log out

2025-02-17 02:01:53 +01:00 · 2018-03-23 10:12:09 -04:00 · 2018-03-23 10:12:09 -04:00 · 0d12cf9217
commit 0d12cf9217
parent 1b313e6df4
5 changed files with 23 additions and 5 deletions
--- a/src/Admin/Controllers/LoginController.cs
+++ b/src/Admin/Controllers/LoginController.cs
@ -40,7 +40,7 @@ namespace Bit.Admin.Controllers

        public async Task<IActionResult> Confirm(string email, string token, string returnUrl)
        {
-            var result = await _signInManager.PasswordlessSignInAsync(email, token, false);
+            var result = await _signInManager.PasswordlessSignInAsync(email, token, true);
            if(!result.Succeeded)
            {
                // TODO: error?
@ -54,5 +54,13 @@ namespace Bit.Admin.Controllers

            return RedirectToAction("Index", "Home");
        }
+
+        [HttpPost]
+        [ValidateAntiForgeryToken]
+        public async Task<IActionResult> Logout()
+        {
+            await _signInManager.SignOutAsync();
+            return RedirectToAction("Index");
+        }
    }
 }
--- a/src/Admin/Startup.cs
+++ b/src/Admin/Startup.cs
@ -4,11 +4,9 @@ using Bit.Core.Identity;
 using Bit.Core.Utilities;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Hosting;
-using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Routing;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.DependencyInjection;
-using Microsoft.Extensions.DependencyInjection.Extensions;
 using Microsoft.Extensions.Logging;
 using Serilog.Events;
 using Stripe;
--- a/src/Admin/Views/Shared/_Layout.cshtml
+++ b/src/Admin/Views/Shared/_Layout.cshtml
@ -1,4 +1,5 @@
-<!DOCTYPE html>
+@inject SignInManager<IdentityUser> SignInManager
+<!DOCTYPE html>
 <html>
 <head>
    <meta charset="utf-8" />
@ -39,6 +40,16 @@
                        <a class="nav-link" asp-controller="Organizations" asp-action="Index">Organizations</a>
                    </li>
                </ul>
+                @if(SignInManager.IsSignedIn(User))
+                {
+                    <form asp-controller="Login" asp-action="Logout" method="post">
+                        <button type="submit" class="btn btn-secondary">Log Out</button>
+                    </form>
+                }
+                else
+                {
+                    <a class="btn btn-secondary" asp-controller="Login" asp-action="Index">Log In</a>
+                }
            </div>
        </div>
    </nav>
--- a/src/Admin/Views/_ViewImports.cshtml
+++ b/src/Admin/Views/_ViewImports.cshtml
@ -1,3 +1,4 @@
+@using Microsoft.AspNetCore.Identity
@using Bit.Admin
@using Bit.Admin.Models
@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@ -223,7 +223,7 @@ namespace Bit.Core.Utilities
                options.AccessDeniedPath = "/login?accessDenied=1";
                options.Cookie.Name = $"Bitwarden_{globalSettings.ProjectName}";
                options.Cookie.HttpOnly = true;
-                options.ExpireTimeSpan = TimeSpan.FromMinutes(60);
+                options.Cookie.Expiration = options.ExpireTimeSpan = TimeSpan.FromDays(2);
                options.ReturnUrlParameter = "returnUrl";
                options.SlidingExpiration = true;
            });