Users with permission can disable Two-Factor Authentication, Orchard Nuggets: How to add an audit trail to an ASP.NET Core app - This week in Orchard (15/11/2024)

gabor.domonkos

New NamedRecipeStepHandler base class and users with permission can disable Two-Factor Authentication are the topics for this week. Don't forget to check out our newest Orchard Nuggets post about how to add an audit trail to an ASP.NET Core app! Let's see the details!

Orchard Core updates

New NamedRecipeStepHandler base class

The NamedRecipeStepHandler class has been introduced to streamline the implementation of IRecipeStepHandler. This base class simplifies the creation of custom recipe steps by handling common step-name checks, allowing developers to focus on implementing their specific step logic.

The new NamedRecipeStepHandler

Let's see a quick example by checking a recipe step, for example, the GitHubAuthenticationSettingsStep. Here, you can see that from now on, we don't need to have an ExecuteAsync method, instead, we can override the HandleAsync method. And inside that method, we don't need to check the name of the recipe step, the base class will do that. It can do that because we provided the name of the recipe step via the constructor.

The new GitHubAuthenticationSettingsStep

Users with permission can disable Two-Factor Authentication

There are times when a user can no longer use 2FA and has no longer access to the recovery codes. From now on, users granted the new DisableTwoFactorAuthenticationForUsers permission can now disable two-factor authentication for other users directly from the Users Admin UI. If you navigate to Security -> Roles and click Edit near any role, the new permission has the Disable two-factor authentication for any user description.

The new Disable two-factor authentication for any user role

The other improvement is adding a new Actions button next to the user and moving Change Password, Unlock, and Delete into the Actions button. Additionally, Mike Alhayek injected the Disable two-factor authentication item in this Actions menu when the Two-Factor Authentication Services feature is enabled. If the Registration feature is disabled but the RegistrationSettings.UsersMustValidateEmail is set to true, the Users Admin UI will show the Send verification email item, when clicking on the Actions button next to the user.

Here, the user AuthorUser has two-factor authentication enabled. When clicking on the Actions button under Security -> Users, you can see the contextual menu containing the Disable two-factor authentication item.

Users with permission can disable two-factor authentication

News from the community

Orchard Nuggets: How to add an audit trail to an ASP.NET Core app

When you have an ASP.NET Core application, that publishes content often and has different users, it’s a good idea to keep track of what is happening in the app: What changes? What content gets deleted or published by who? Who logged in, and when? Did somebody fail to log in repeatedly using a wrong password? Who changed the settings?

Orchard Nuggets: How to add an audit trail to an ASP.NET Core app

In our newest Orchard Nuggets post, we give you the answers by showing how to use the Audit Trail module of Orchard Core! Don't forget to check out the other posts for more such bite-sized Orchard tips and let us know if you have another question!

Orchard Dojo Newsletter

Lombiq's Orchard Dojo Newsletter has 467 subscribers! We have started this newsletter to inform the community around Orchard of the latest news about the platform. By subscribing to this newsletter, you will get an e-mail whenever a new post is published to Orchard Dojo, including This week in Orchard of course.

Do you know of other Orchard enthusiasts who would like to read our weekly articles? Tell them to subscribe here!

If you are interested in more news about Orchard and the details of the topics above, don't forget to check out the recording of this Orchard meeting!