Ntuthuko/consolidate authentication settings

shesha-core/src/Shesha.Application/Authorization/Settings/AuthorizationSettingsAppService.cs

@@ -1,78 +1,108 @@
-using Abp.Application.Services;
-using Shesha.Authorization.Settings.Dto;
-using Shesha.Configuration;
-using Shesha.Configuration.Security;
-using System;
+using System;
 using System.Threading.Tasks;
+using Abp.Application.Services;
+using Shesha.Authorization.Settings.Dto;
+using Shesha.Configuration.Security.Frontend;
 
 namespace Shesha.Authorization.Settings
 {
     [Obsolete("To be removed, is used for backward compatibility only")]
     public class AuthorizationSettingsAppService: ApplicationService
     {
-        private readonly IPasswordComplexitySettings _passwordComplexitySettings;
-        private readonly ISecuritySettings _securitySettings;
+        private readonly IUserManagementSettings _userManagementSettings;
 
-        public AuthorizationSettingsAppService(IPasswordComplexitySettings passwordComplexitySettings, ISecuritySettings securitySettings)
+        public AuthorizationSettingsAppService(IUserManagementSettings userManagementSettings)
         {
-            _passwordComplexitySettings = passwordComplexitySettings;
-            _securitySettings = securitySettings;
+            _userManagementSettings = userManagementSettings;
         }
 
         public async Task UpdateSettingsAsync(AuthorizationSettingsDto dto)
         {
-            //Lockout
-            await _securitySettings.UserLockOutEnabled.SetValueAsync(dto.IsLockoutEnabled);
-            await _securitySettings.DefaultAccountLockoutSeconds.SetValueAsync(dto.DefaultAccountLockoutSeconds);
-            await _securitySettings.MaxFailedAccessAttemptsBeforeLockout.SetValueAsync(dto.MaxFailedAccessAttemptsBeforeLockout);
-            await _securitySettings.SecuritySettings.SetValueAsync(new SecuritySettings 
-            { 
-                AutoLogoffTimeout = dto.AutoLogoffTimeout,
+            var existingSettings = await _userManagementSettings.DefaultAuthentication.GetValueAsync();
+            if (existingSettings == null)
+            {
+                existingSettings = new DefaultAuthenticationSettings();
+            }
+
+            // Default Authentication
+            await _userManagementSettings.DefaultAuthentication.SetValueAsync(new DefaultAuthenticationSettings
+            {
+                // Preserve existing OTP and registration settings
+                RequireOtpVerification = existingSettings.RequireOtpVerification,
+                AllowLocalUsernamePasswordAuth = existingSettings.AllowLocalUsernamePasswordAuth,
+                UseDefaultRegistrationForm = existingSettings.UseDefaultRegistrationForm,
+                UserEmailAsUsername = existingSettings.UserEmailAsUsername,
+                CustomRegistrationForm = existingSettings.CustomRegistrationForm,
+                SupportedVerificationMethods = existingSettings.SupportedVerificationMethods,
+                PasswordLength = existingSettings.PasswordLength,
+                Alphabet = existingSettings.Alphabet,
+                DefaultLifetime = existingSettings.DefaultLifetime,
+                IgnoreOtpValidation = existingSettings.IgnoreOtpValidation,
+                DefaultSubjectTemplate = existingSettings.DefaultSubjectTemplate,
+                DefaultBodyTemplate = existingSettings.DefaultBodyTemplate,
+                DefaultEmailSubjectTemplate = existingSettings.DefaultEmailSubjectTemplate,
+                DefaultEmailBodyTemplate = existingSettings.DefaultEmailBodyTemplate,
+
+                // Lockout settings from DTO
+                UserLockOutEnabled = dto.IsLockoutEnabled,
+                DefaultAccountLockoutSeconds = dto.DefaultAccountLockoutSeconds,
+                MaxFailedAccessAttemptsBeforeLockout = dto.MaxFailedAccessAttemptsBeforeLockout,
+
+                // Password complexity from DTO
+                RequireDigit = dto.RequireDigit,
+                RequireLowercase = dto.RequireLowercase,
+                RequireNonAlphanumeric = dto.RequireNonAlphanumeric,
+                RequireUppercase = dto.RequireUppercase,
+                RequiredLength = dto.RequiredLength,
 
-                // Password reset
+                // Password reset settings from DTO
                 UseResetPasswordViaEmailLink = dto.ResetPasswordWithEmailLinkIsSupported,
                 ResetPasswordEmailLinkLifetime = dto.ResetPasswordWithEmailLinkExpiryDelay,
-
                 UseResetPasswordViaSmsOtp = dto.ResetPasswordWithSmsOtpIsSupported,
                 ResetPasswordSmsOtpLifetime = dto.ResetPasswordWithSmsOtpExpiryDelay,
-
                 UseResetPasswordViaSecurityQuestions = dto.ResetPasswordWithSecurityQuestionsIsSupported,
                 ResetPasswordViaSecurityQuestionsNumQuestionsAllowed = dto.ResetPasswordWithSecurityQuestionsNumQuestionsAllowed
             });
 
-            //Password complexity
-            await _passwordComplexitySettings.RequireDigit.SetValueAsync(dto.RequireDigit);
-            await _passwordComplexitySettings.RequireLowercase.SetValueAsync(dto.RequireLowercase);
-            await _passwordComplexitySettings.RequireNonAlphanumeric.SetValueAsync(dto.RequireNonAlphanumeric);
-            await _passwordComplexitySettings.RequireUppercase.SetValueAsync(dto.RequireUppercase);
-            await _passwordComplexitySettings.RequiredLength.SetValueAsync(dto.RequiredLength);
+            // General Frontend Security Settings
+            var generalSettings = await _userManagementSettings.GeneralFrontendSecuritySettings.GetValueAsync()
+                                ?? new GeneralFrontendSecuritySettings();
+
+            generalSettings.AutoLogoffAfterInactivity = dto.AutoLogoffAfterInactivity;
+            generalSettings.AutoLogoffTimeout = dto.AutoLogoffTimeout;
+
+            await _userManagementSettings.GeneralFrontendSecuritySettings.SetValueAsync(generalSettings);
         }
 
         public async Task<AuthorizationSettingsDto> GetSettingsAsync()
         {
-            var settings = await _securitySettings.SecuritySettings.GetValueAsync();
+            var defaultAuthSettings = await _userManagementSettings.DefaultAuthentication.GetValueAsync();
+            var generalFrontendSettings = await _userManagementSettings.GeneralFrontendSecuritySettings.GetValueAsync();
             var dto = new AuthorizationSettingsDto();
 
             //Lockout
-            dto.IsLockoutEnabled = await _securitySettings.UserLockOutEnabled.GetValueOrNullAsync();
-            dto.DefaultAccountLockoutSeconds = await _securitySettings.DefaultAccountLockoutSeconds.GetValueOrNullAsync();
-            dto.MaxFailedAccessAttemptsBeforeLockout = await _securitySettings.MaxFailedAccessAttemptsBeforeLockout.GetValueOrNullAsync();
-            dto.AutoLogoffTimeout = settings.AutoLogoffTimeout;
+            dto.IsLockoutEnabled = defaultAuthSettings.UserLockOutEnabled;
+            dto.DefaultAccountLockoutSeconds = defaultAuthSettings.DefaultAccountLockoutSeconds;
+            dto.MaxFailedAccessAttemptsBeforeLockout = defaultAuthSettings.MaxFailedAccessAttemptsBeforeLockout;
 
             //Password complexity
-            dto.RequireDigit = await _passwordComplexitySettings.RequireDigit.GetValueOrNullAsync();
-            dto.RequireLowercase = await _passwordComplexitySettings.RequireLowercase.GetValueOrNullAsync();
-            dto.RequireNonAlphanumeric = await _passwordComplexitySettings.RequireNonAlphanumeric.GetValueOrNullAsync();
-            dto.RequireUppercase = await _passwordComplexitySettings.RequireUppercase.GetValueOrNullAsync();
-            dto.RequiredLength = await _passwordComplexitySettings.RequiredLength.GetValueOrNullAsync();
+            dto.RequireDigit = defaultAuthSettings.RequireDigit;
+            dto.RequireLowercase = defaultAuthSettings.RequireLowercase;
+            dto.RequireNonAlphanumeric = defaultAuthSettings.RequireNonAlphanumeric;
+            dto.RequireUppercase = defaultAuthSettings.RequireUppercase;
+            dto.RequiredLength = defaultAuthSettings.RequiredLength;
 
             // Password reset
-            dto.ResetPasswordWithEmailLinkIsSupported =  settings.UseResetPasswordViaEmailLink;
-            dto.ResetPasswordWithEmailLinkExpiryDelay = settings.ResetPasswordEmailLinkLifetime;
-            dto.ResetPasswordWithSmsOtpIsSupported = settings.UseResetPasswordViaSmsOtp;
-            dto.ResetPasswordWithSmsOtpExpiryDelay = settings.ResetPasswordSmsOtpLifetime;
-            dto.ResetPasswordWithSecurityQuestionsIsSupported = settings.UseResetPasswordViaSecurityQuestions;
-            dto.ResetPasswordWithSecurityQuestionsNumQuestionsAllowed = settings.ResetPasswordViaSecurityQuestionsNumQuestionsAllowed;
+            dto.ResetPasswordWithEmailLinkIsSupported = defaultAuthSettings.UseResetPasswordViaEmailLink;
+            dto.ResetPasswordWithEmailLinkExpiryDelay = defaultAuthSettings.ResetPasswordEmailLinkLifetime;
+            dto.ResetPasswordWithSmsOtpIsSupported = defaultAuthSettings.UseResetPasswordViaSmsOtp;
+            dto.ResetPasswordWithSmsOtpExpiryDelay = defaultAuthSettings.ResetPasswordSmsOtpLifetime;
+            dto.ResetPasswordWithSecurityQuestionsIsSupported = defaultAuthSettings.UseResetPasswordViaSecurityQuestions;
+            dto.ResetPasswordWithSecurityQuestionsNumQuestionsAllowed = defaultAuthSettings.ResetPasswordViaSecurityQuestionsNumQuestionsAllowed;
+
+            // General
+            dto.AutoLogoffAfterInactivity = generalFrontendSettings.AutoLogoffAfterInactivity;
+            dto.AutoLogoffTimeout = generalFrontendSettings.AutoLogoffTimeout;
 
             return dto;
         }

shesha-core/src/Shesha.Application/Authorization/Settings/Dto/AuthorizationSettingsDto.cs

@@ -1,4 +1,6 @@
-namespace Shesha.Authorization.Settings.Dto
+using System.ComponentModel.DataAnnotations;
+
+namespace Shesha.Authorization.Settings.Dto
 {
     /// <summary>
     /// Authorization options
@@ -9,7 +11,7 @@ public class AuthorizationSettingsDto
         /// Lockout enabled (default value for new users)
         /// </summary>
         public bool IsLockoutEnabled { get; set; }
-        
+
         /// <summary>
         /// Lockout time in seconds
         /// </summary>
@@ -22,34 +24,46 @@ public class AuthorizationSettingsDto
 
 
         /// <summary>
-        /// Passwords: require digits
+        /// Require digit in passwords
         /// </summary>
+        [Display(Name = "Require digit")]
         public bool RequireDigit { get; set; }
 
         /// <summary>
         /// Passwords: require lower case character
         /// </summary>
+        [Display(Name = "Require lowercase")]
         public bool RequireLowercase { get; set; }
 
         /// <summary>
         /// Passwords: non alphanumeric character
         /// </summary>
+        [Display(Name = "Require non alphanumeric")]
         public bool RequireNonAlphanumeric { get; set; }
+
         /// <summary>
         /// Passwords: require upper case character
         /// </summary>
+        [Display(Name = "Require uppercase")]
         public bool RequireUppercase { get; set; }
-        
+
         /// <summary>
         /// Passwords: min length
         /// </summary>
+        [Display(Name = "Required length")]
         public int RequiredLength { get; set; }
 
         /// <summary>
         /// Auto logoff timeout (in case of user inactivity). Set to 0 to disable
         /// </summary>
+        [Display(Name = "Auto logoff timeout (in case of user inactivity). Set to 0 to disable")]
         public int AutoLogoffTimeout { get; set; }
 
+        /// <summary>
+        /// Auto logoff timeout after inactivity
+        /// </summary>
+        public bool AutoLogoffAfterInactivity { get; set; }
+
         /// <summary>
         /// Allow users to reset passwords with reset link sent to their emails.
         /// </summary>

shesha-core/src/Shesha.Application/Notifications/NotificationTemplateProcessor.cs

@@ -94,11 +94,11 @@ public FrontEndAppTag(IFrontendSettings frontendSettings, string appKey)
                 _appKey = appKey;
             }
 
-            public string? PublicUrl
+            public FrontendApplicationRedirectsSettings? PublicUrl
             {
                 get 
                 {
-                    var value = _frontendSettings.PublicUrl.GetValueOrNull(new Settings.SettingManagementContext { AppKey = _appKey });
+                    var value = _frontendSettings.FrontendApplicationRedirectsSettings.GetValueOrNull(new Settings.SettingManagementContext { AppKey = _appKey });
                     return value;
                 }
             }

shesha-core/src/Shesha.Application/Otp/OtpAppService.cs

@@ -1,21 +1,22 @@
-using Abp.Dependency;
+using System.Threading.Tasks;
+using Abp.Dependency;
 using Microsoft.AspNetCore.Mvc;
+using Shesha.Configuration.Security.Frontend;
 using Shesha.Otp.Configuration;
 using Shesha.Otp.Dto;
-using System.Threading.Tasks;
 
 namespace Shesha.Otp
 {
     public class OtpAppService : SheshaAppServiceBase, IOtpAppService, ITransientDependency
     {
-        private readonly IOtpSettings _otpSettings;
+        private readonly IUserManagementSettings _userManagementSettings;
         private readonly IOtpManager _otpManager;
 
 
-        public OtpAppService(IOtpManager otpManager, IOtpSettings otpSettings)
+        public OtpAppService(IOtpManager otpManager, IUserManagementSettings userManagementSettings)
         {
             _otpManager = otpManager;
-            _otpSettings = otpSettings;
+            _userManagementSettings = userManagementSettings;
         }
 
         /// <summary>
@@ -47,7 +48,7 @@ public async Task<IVerifyPinResponse> VerifyPinAsync(VerifyPinInput input)
         [HttpPost]
         public async Task<bool> UpdateSettingsAsync(OtpSettingsDto input)
         {
-            await _otpSettings.OneTimePins.SetValueAsync(new OtpSettings
+            await _userManagementSettings.DefaultAuthentication.SetValueAsync(new DefaultAuthenticationSettings
             {
                 PasswordLength = input.PasswordLength,
                 Alphabet = input.Alphabet,
@@ -64,7 +65,7 @@ await _otpSettings.OneTimePins.SetValueAsync(new OtpSettings
         [HttpGet]
         public async Task<OtpSettingsDto> GetSettingsAsync()
         {
-            var emailSettings = await _otpSettings.OneTimePins.GetValueAsync();
+            var emailSettings = await _userManagementSettings.DefaultAuthentication.GetValueAsync();
 
             var settings = new OtpSettingsDto
             {

shesha-core/src/Shesha.Application/Otp/OtpGenerator.cs

@@ -1,32 +1,34 @@
-using Abp.Dependency;
-using Shesha.Otp.Configuration;
-using System;
+using System;
+using System.Text;
+using Abp.Dependency;
+using Shesha.Configuration.Security.Frontend;
 
 namespace Shesha.Otp
 {
     public class OtpGenerator: IOtpGenerator, ITransientDependency
     {
-        private readonly IOtpSettings _settings;
+        private readonly IUserManagementSettings _userManagementSettings;
 
-        public OtpGenerator(IOtpSettings settings)
+        public OtpGenerator(IUserManagementSettings userManagementSettings)
         {
-            _settings = settings;
+            _userManagementSettings = userManagementSettings;
         }
 
         public string GeneratePin()
         {
             var random = new Random();
-            var password = string.Empty;
+            var password = new StringBuilder();
 
-            var alphabet = _settings.OneTimePins.GetValue().Alphabet;
-            var passwordLength = _settings.OneTimePins.GetValue().PasswordLength;
+            var authSettings = _userManagementSettings.DefaultAuthentication.GetValue();
+            var alphabet = authSettings.Alphabet;
+            var passwordLength = authSettings.PasswordLength;
 
             for (int i = 0; i < passwordLength; i++)
             {
-                password += alphabet[random.Next(alphabet.Length)];
+                password.Append(alphabet[random.Next(alphabet.Length)]);
             }
 
-            return password;
+            return password.ToString();
         }
     }
 }