Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update to User Management #2130

Merged
merged 1 commit into from
Apr 13, 2022
Merged

Update to User Management #2130

merged 1 commit into from
Apr 13, 2022

Conversation

leigh-pointer
Copy link
Contributor

Updated user management to display more of the User ; Last Login Last IP and Is Authenticated.

image

Updated user management to display more of the User ; Last Login Last IP and Is Authenticated.
@sbwalker
Copy link
Member

@leigh-pointer I will merge this but I will remove the IsAuthenticated column because it does not represent what you likely assume it is... it does not indicate if a user is currently logged in... it is a transient property which is only relevant for the current user.

@sbwalker sbwalker merged commit 5a71ab3 into oqtane:dev Apr 13, 2022
@leigh-pointer
Copy link
Contributor Author

@sbwalker I thought the IsAuthenticated was that the account was authenticated as the email had been verified. I think having this information is handy also with the option to resend confirmation email ( something I was going to work on). Thoughts?

@leigh-pointer leigh-pointer deleted the LastLoggedIn branch April 14, 2022 11:10
@sbwalker
Copy link
Member

No, IsAuthenticated does not have anything to do with email validation... it is property on the User model which is not persisted anywhere except for in memory and is only populated for the current user based on whether they are authenticated (ie. signed in).

Email validation is managed by .NET Core Identity. In the case where a site has enabled User Registration (which is disabled by default) and a new user registers on the site, a notification is sent to the user asking them to validate their email address. The validation link uses .NET Core Identity to construct a token and this token is passes to the User API. Once a user clicks the link, their EmailConfirmed field is updated in the AspNetUsers table. This EmailConfirmed field is used during login by .NET Core Identity to verify that a user already validated their email address. The EmailConfirmed property is not included in Oqtane's User model - it is only managed server-side. I would prefer to keep AspNetUsers decoupled from Users for performance and abstraction reasons. It would still be possible to include a Resend option for email verification - but it would not be dependent upon on EmailConfirmed property (it can sort of be assumed that if a user has never logged in it may be because they have not verified their email). However I would not include the Resend option in the main Users grid view - I would include it in the detailed modal view for a specific user. And I would only make the option visible if the User Registration option is enabled - as it makes no sense to display it if User Registration is disabled.

The Is Authenticated column should be removed from the main User Management view. However I would suggest adding the Users CreatedOn date so that the Admin can easily see how long the user has been a member of the site?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants