diff --git a/src/Admin/Controllers/HomeController.cs b/src/Admin/Controllers/HomeController.cs
index 424b26dea5..5484b0418a 100644
--- a/src/Admin/Controllers/HomeController.cs
+++ b/src/Admin/Controllers/HomeController.cs
@@ -7,7 +7,6 @@ using Bit.Core;
 using System.Net.Http;
 using System.Threading.Tasks;
 using Newtonsoft.Json.Linq;
-using System.Linq;
 namespace Bit.Admin.Controllers
 {
diff --git a/src/Admin/Controllers/LoginController.cs b/src/Admin/Controllers/LoginController.cs
index 539d9d2de1..68f4863429 100644
--- a/src/Admin/Controllers/LoginController.cs
+++ b/src/Admin/Controllers/LoginController.cs
@@ -16,11 +16,19 @@ namespace Bit.Admin.Controllers
 _signInManager = signInManager;
 }
- public IActionResult Index(string returnUrl = null)
+ public IActionResult Index(string returnUrl = null, string error = null, string success = null,
+ bool accessDenied = false)
 {
+ if(string.IsNullOrWhiteSpace(error) && accessDenied)
+ {
+ error = "Access denied. Please log in.";
+ }
+
 return View(new LoginModel
 {
- ReturnUrl = returnUrl
+ ReturnUrl = returnUrl,
+ Error = error,
+ Success = success
 });
 }
@@ -32,7 +40,11 @@ namespace Bit.Admin.Controllers
 {
 await _signInManager.PasswordlessSignInAsync(model.Email, Url.Action("Confirm", "Login", new { returnUrl = model.ReturnUrl }, Request.Scheme));
- return RedirectToAction("Index", "Home");
+ return RedirectToAction("Index", new
+ {
+ success = "If a valid admin user with this email address exists, " +
+ "we've sent you an email with a secure link to log in."
+ });
 }
 return View(model);
@@ -43,8 +55,10 @@ namespace Bit.Admin.Controllers
 var result = await _signInManager.PasswordlessSignInAsync(email, token, true);
 if(!result.Succeeded)
 {
- // TODO: error?
- return RedirectToAction("Index");
+ return RedirectToAction("Index", new
+ {
+ error = "This login confirmation link is invalid. Try logging in again."
+ });
 }
 if(!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
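Review bot: `Index` in the `@@ -16,11` hunk now binds `error` and `success` straight from the query string and passes them to the view, so anyone can build a link to the admin login page that displays banner text of their choosing. That is content spoofing on an administrator sign-in page even when Razor HTML-encodes the value; the view markup is not visible here, so confirm it renders through `@Model.Error` / `@Model.Success` and not `Html.Raw`. The redirects in the `@@ -32,7`, `@@ -43,8` and `@@ -60,7` hunks produce the same free-text route values. Prefer carrying the message server-side, for example `TempData["Error"] = "This login confirmation link is invalid. Try logging in again.";` followed by `return RedirectToAction("Index");`, with `Index` reading `TempData["Error"] as string`, or accept only a short message code that maps to fixed strings. The controller class starts and ends outside these hunks.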
@@ -60,7 +74,10 @@ namespace Bit.Admin.Controllers
 public async Task Logout()
 {
 await _signInManager.SignOutAsync();
- return RedirectToAction("Index");
+ return RedirectToAction("Index", new
+ {
+ success = "You have been logged out."
+ });
 }
 }
 }
diff --git a/src/Admin/Models/LoginModel.cs b/src/Admin/Models/LoginModel.cs
index f4916e496b..fa77ddfe11 100644
--- a/src/Admin/Models/LoginModel.cs
+++ b/src/Admin/Models/LoginModel.cs
@@ -8,5 +8,7 @@ namespace Bit.Admin.Models
 [EmailAddress]
 public string Email { get; set; }
 public string ReturnUrl { get; set; }
+ public string Error { get; set; }
+ public string Success { get; set; }
 }
 }
diff --git a/src/Admin/Startup.cs b/src/Admin/Startup.cs
index ffb1f5204f..e9688ab57f 100644
--- a/src/Admin/Startup.cs
+++ b/src/Admin/Startup.cs
@@ -47,6 +47,13 @@ namespace Bit.Admin
 // Identity
 services.AddPasswordlessIdentityServices(globalSettings);
+ if(globalSettings.SelfHosted)
+ {
+ services.ConfigureApplicationCookie(options =>
+ {
+ options.Cookie.Path = "/admin";
+ });
+ }
 // Services
 services.AddBaseServices();
diff --git a/src/Admin/Views/Login/Index.cshtml b/src/Admin/Views/Login/Index.cshtml
index 297996af8f..815ba83695 100644
--- a/src/Admin/Views/Login/Index.cshtml
+++ b/src/Admin/Views/Login/Index.cshtml
@@ -5,6 +5,14 @@
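Review bot: The `options.Cookie.Path = "/admin";` line in the Startup.cs hunk has no comment stating the deployment assumption it encodes, presumably that self-hosted installs serve the Admin app under `/admin` on a hostname shared with other services. Cookie path matching is case-sensitive and prefix-based, so if the app is reached under a different prefix or casing the browser will not send the auth cookie and the emailed sign-in link will appear to do nothing. `Path` is also not an isolation boundary against other applications on the same origin, so it should not be relied on for that. Suggested comment: `// Self-hosted: Admin is served under /admin on a shared host; this must match the proxy path prefix exactly.` The enclosing method starts and ends outside the hunk.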
+ @if(!string.IsNullOrWhiteSpace(Model.Success))
+ {
+
+ }
+ else if(!string.IsNullOrWhiteSpace(Model.Error))
+ {
+
+ }

Please enter your email address below to log in.

diff --git a/src/Core/Utilities/ServiceCollectionExtensions.cs b/src/Core/Utilities/ServiceCollectionExtensions.cs
index e8b34c0ea6..e2dcc5a63a 100644
--- a/src/Core/Utilities/ServiceCollectionExtensions.cs
+++ b/src/Core/Utilities/ServiceCollectionExtensions.cs
@@ -220,7 +220,7 @@ namespace Bit.Core.Utilities
 {
 options.LoginPath = "/login";
 options.LogoutPath = "/";
- options.AccessDeniedPath = "/login?accessDenied=1";
+ options.AccessDeniedPath = "/login?accessDenied=true";
 options.Cookie.Name = $"Bitwarden_{globalSettings.ProjectName}";
 options.Cookie.HttpOnly = true;
 options.Cookie.Expiration = options.ExpireTimeSpan = TimeSpan.FromDays(2);
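Review bot: `options.AccessDeniedPath` is a `PathString`, which is meant to hold a path only, so the `?accessDenied=true` suffix may not survive. As far as I can tell the cookie handler builds the redirect by URI-encoding the path and then appending its own `?ReturnUrl=...`, which would escape the `?` in this literal and keep `accessDenied` from ever binding in `Index`. Check the `Location` header actually emitted on a forbidden request. If the flag is lost, set `options.AccessDeniedPath = "/login";` and add the marker in `options.Events.OnRedirectToAccessDenied`. The options lambda starts and ends outside the hunk, so the `Cookie.SecurePolicy` and `SameSite` settings could not be reviewed here.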