Our blog contains the activity stream of Orchard Dojo: general news, new resources or tutorials are announced here.

Featured tags

IIS
API
All tags >

Admin Dashboard improvements, Two-factor Authentication - This week in Orchard (26/05/2023)

Check out our current post to read about the latest Admin Dashboard improvements and to see a demo about supporting two-factor authentication in Orchard Core! And don't forget that Orchard Harvest is just right around the corner! Orchard Core updates Show Admin Dashboard shape when Access Admin Dashboard permission is not granted Currently, when the Admin Dashboard feature is enabled, the /admin route is handled by the Index action in the DashboardController controller. This works great when the user has the Access Admin Dashboard permission. However, when they don't, they get the generic forbid error message. In some cases, we don't want to give the user access to the admin widgets but want them to still access the admin dashboard. In this case, they will not be able to see the dashboard unless they type the exact path they want to access in the browser. The solution here was the following: If the user does not have Access Admin Dashboard permission, instead of showing 401, we now render the AdminDashboard shape. When a Dashboard Widget is secured, we check the permission to ensure the user is able to view it before rendering it. This will give us the ability to control who gets to see which widget. To test this out, first of all, we need to enable the Admin Dashboard feature. After that, we modify the permissions of the Editor role by saying users with this role have no permission to access the Admin Dashboard. After that, we added an Html Dashboard Widget to be able to see something instead of the empty dashboard. On the left side of the screen, you can see what the admin user can see. They have the Access Admin Dashboard permission, and the previously created Html Dashboard Widget is visible to them. However, on the right side of the screen, we logged in with a user who has the Editor role. As you can see, Orchard renders the "Welcome to Orchard Core" alert to them, but they can't see the Dashboard Widget or the Dashboard itself. Do not auto-create a dummy content item when the Admin Dashboard feature is enabled When the Admin Dashboard feature is enabled for the first time, for some reason, we create a dummy dashboard item. There is no way to avoid this for new tenants currently. Maybe adding a content item by default is not a good idea because the admin will almost always have to remove it. This change is about removing the sample Orchard Core Admin Widget from the recipe. But if you are curious about this sample widget, you can still use it. If you navigate to Configuration -> Recipes you will find a recipe called Admin Dashboard Widget Sample. And if you execute this recipe, you will be able to see the sample widget in the dashboard again. And this change was also added to the change logs of the next upcoming release to notify everyone about this change. Demos Two-factor Authentication Now you can have new settings that allow you to enable two-factor authentication. To see how this works, navigate to Security -> Settings -> User Login, where you can see a new tab, called Two-factor Authentication. If you put a tick into the Enable two-factor authentication checkbox, you will see the related settings. You can enable 2FA for everyone, you can enable 2FA for users with specific roles, or you can say to remember the client, so you don't have to keep typing the code every single time on the same computer. The Show email address in the authenticator app allows you to display the email address on the authentication app, otherwise, we will show your username. And the Require two-factor authentication option allows you to force authentication. If you log in, you will be forced to use 2FA. Right now, let's enable 2FA just for the users with the Administrator role. This means you will have a new option in the dropdown menu if you click on the user icon in the top-right corner called Security. Here, you can set up your authenticator app by clicking on the Add authenticator app button. Here you can set up your authenticator app by following the steps mentioned. Pull up your phone, open up the authenticator app, scan the QR code, and provide the verification code. On the next screen, you can see your recovery codes which you can use to log in in case you lose your device. But of course, you can reset your recovery codes and also the authenticator app itself under the Security dropdown menu. Now if we log out and log back in, Orchard Core will ask us to provide that code after we typed the correct username and password. And as always, if you would like to know more about this feature (which you can try out right now if you are using the nightly builds of Orchard Core) head to YouTube for a recording! News from the community Orchard Harvest Online Program As many of you know, we have been working hard over the past months to organize the next Orchard Harvest in Las Vegas after the last Harvest in 2017. Unfortunately, based on the current economic situation and personal feedback, Las Vegas won’t work this year. Not to mention that unfortunately Microsoft Build, announced after we decided on our dates, also falls in line with the original dates we chose. So, a date change was also necessary. However, we did not want to let go of this opportunity to meet completely. Therefore, we are pleased to inform you that we will be holding our first online Orchard Harvest starting on the 31st of May at 13:00 UTC. Start your registration for the event right now. You can find the program of the conference on the official site of Orchard Core. See you next week! Orchard Dojo Newsletter Lombiq's Orchard Dojo Newsletter has 462 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who would like to read our weekly articles? Tell them to subscribe here! If you are interested in more news about Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!

This week in Orchard - 04/26/2019

There was no Orchard Podcast this week, but we have lots of news around Orchard Core and new PRs that will be added to Orchard Core soon! On Orchard Core The Arabic translation for Orchard Core is ready A few weeks ago Hisham Bin Ateya and Abdullah Salem have started to work on the Arabic translation for Orchard Core. Thanks to their hard work, the Arabic translation is now ready! This is the second language that has been completed after the French language, which is the main language for many of the core team. Now it's time to test those translations! Order TimeZone list by name When you would like to set the default time zone for your site under Configuration -> Settings -> General you had to select the preferred timezone from a list that wasn't ordered. Now thanks to this PR you can set the value of the time zone using a list that contains ordered values. New user created event and assign user to role task to workflows Soon you can use two brand new activities when constructing your workflows in Orchard Core. The first one called User created, which is surprisingly fired when a user created. The second one is about assigning a role to a user. Let's say we attached this task after the user created event. In this case, when you edit this task, you can say that assign the Authenticated role for the user that has been created just now. In the following workflow, we do the following and show success or failed notification just for demonstration purposes. GitHub authentication Thanks to Michael Petrinolis when this PR will be merge, you can authenticate yourself in Orchard Core using GitHub, by adding this provider to the list of supported external providers soon. Let's see how this feature will work! First, you need to create a new GitHub App. To do that, head to the GitHub Apps page in the Developer settings and hit New GitHub App. Here you need to provide the name of your GitHub app, the full URL to your GitHub App's website and a user authorization callback URL. Don't forget to generate a private key. After you will get a Client ID and a Client secret. You will need them in the next step. Now you can navigate to Orchard Core admin site and enable the Github Authentication feature. After that, you can notice the Github Authentication option under Github in the menubar. Copy your values here and hit save. Now let's open a new incognito window and navigate to the admin page. Here you can see the GitHub, as another service to log in. Provide the username and the password of a GitHub account to sign in. Now Orchard Core asks you to create a new account based on the user information you have just provided in the previous step. If you click on Register your user account will be created in Orchard Core and you will be able to log in using your newly created account. For note, let's see what happens if a user tries to login with an external provider, and registration is enabled: If the external provider provides an email claim, we search for an existing account with that email. If not found, a new OC Account is created based on the username, email, and password provided by the user. If found, we request the password of the OC Account in order to link the external login. There is a PR that takes into consideration the email must confirmed parameter, if we request a password in order to create a local Account from external login, and also uses the ReCaptcha. There is a front page (OrchardCore.Users/Account/ExternalLogins) where you can link/unlink OC account with external providers. Of course, is not complete, we must decide how this is integrated with profile/account info in admin/front end. Regarding the GitHub, you must select to use your email in public and select which one of the verified emails will be included in the claims. External Login registration without password As you noticed in the previous section when you create a new account using an external login provider you have to provide a password to create the user account in Orchard Core. There is a PR to add a setting to register external users without requesting a local password. In this PR, Michael Petrinolis also implements the way to generate a username instead of parsing claims from external login info and to integrate ReCaptcha in External Login Registration. Facebook module OrchardCore.Facebook provides the following features: Core Components Facebook Login First, you need to enable the Users Registrations module and put a tick in the Users can create new accounts on the site checkbox under Configuration -> Settings -> Registration, because we will create a new user account based on the details provided in the Facebook log in page. To register the Facebook App with the site you need to provide the following settings: AppId: Facebook application id. AppSecret: The application secret. Both settings are available in the Facebook for developers application's page, under Basic Settings. Now enable the Facebook Login module and add these values to Orchard Core. The configuration can be set through the Configuration -> Facebook -> Application menu in the admin dashboard. Now you can log in in your site using a Facebook account, where you can get a familiar screen. After that, you can create your new account in Orchard Core that you can use to log in to Orchard. But the PR is not just about authenticating users from Facebook. If you head to the modules, you will find a feature called Facebook Social Plugins Widgets. Let's enable it! Let's say you installed your site using the Blog recipe. In this case, you have a Page content type with a FlowPart attached to it. Create a new Page and hit on the Add Widget button. Here you will see several new widgets that you can attach to your content type that has a FlowPart attached, like Facebook Comments, Facebook Share, Facebook Like and many more. If you publish or preview your page you will see that the widgets are displayed in your page. On Lombiq Orchard Dojo Newsletter Now we have 57 subscribers of the Lombiq's Orchard Dojo Newsletter! We have started this newsletter to inform the community around Orchard with the latest news about the platform. By subscribing to this newsletter, you will get an e-mail every time when a new post published to Orchard Dojo, including This week in Orchard of course. Do you know of other Orchard enthusiasts who you think would like to read our weekly articles? Tell them to subscribe here!

Diving into the Orchard API - Dojo Course

UPDATE (2017-11-22): Dojo Course 2 is released with new, updated videos! This week on Dojo Course we dive into the Orchard API, use some of the build-in services and extending the capabilities of our module to make it even better! Using LazyField<T> to load data lazily so they are only loaded when we really need them. Using Work<T> to load dependencies lazily so they are only resolved when we really need them. Applying the [Admin] attribute for admin-related Getting to know an other Orchard service: IAuthorizer. Creating our own permissions by implementing the IPermissionProvider. Using the ContentManager so we can finally work with content items! Generating ad-hoc shapes and matching them to an actual template. Implementing the IResourceManifestProvider interface for managing static resources. Remember: if you have any questions don't hesitate to ask them by creating a new issue in the Orchard issue tracker with the "discussion" label. Make sure to prefix your thread's title with "Dojo Course - "! We keep an eye on these issues. Also follow us on Twitter to get notified about the latest Dojo Course news, including when a new tutorial is posted. Do you have some feedback about the course? Please send it in. Haven't you enrolled yet? Why not do it some time in the near future like right now?