From 303e262d6c62b220938e469f4f3851ac43bded4d Mon Sep 17 00:00:00 2001
From: ccrowhurstram <ccrowhurst@ramplc.com>
Date: Sat, 16 Apr 2016 16:31:59 +0100
Subject: [PATCH] chore(MembershipRebootConfiguration): obsolete
 AllowLoginAfterAccountCreation

If previously you set `AllowLoginAfterAccountCreation` to false, you
should instead:
* set `MembershipRebootConfiguration.RequireAccountApproval` to true
* replace the call to `UserAccountService.SetIsLoginAllowed` with
`UserAccountService.ApproveAccount` in order to allow login
---
 .../AccountService/UserAccountService.cs                       | 3 +++
 .../Configuration/MembershipRebootConfiguration.cs             | 1 +
 .../Configuration/SecuritySettings.cs                          | 2 ++
 .../Constants/MembershipRebootConstants.cs                     | 1 +
 4 files changed, 7 insertions(+)

diff --git a/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs b/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs
index f460f6cd..dd5564e4 100644
--- a/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs
+++ b/src/BrockAllen.MembershipReboot/AccountService/UserAccountService.cs
@@ -524,7 +524,10 @@ protected void Init(TAccount account, string tenant, string username, string pas
             account.AccountTwoFactorAuthMode = TwoFactorAuthMode.None;
             account.CurrentTwoFactorAuthStatus = TwoFactorAuthMode.None;
 
+            // todo: once AllowLoginAfterAccountCreation has been removed use the commented out line of code instead
             account.IsLoginAllowed = Configuration.AllowLoginAfterAccountCreation;
+//            account.IsLoginAllowed = true;
+
             Tracing.Verbose("[UserAccountService.CreateAccount] SecuritySettings.AllowLoginAfterAccountCreation is set to: {0}", account.IsLoginAllowed);
 
             string key = null;
diff --git a/src/BrockAllen.MembershipReboot/Configuration/MembershipRebootConfiguration.cs b/src/BrockAllen.MembershipReboot/Configuration/MembershipRebootConfiguration.cs
index 261b5bdb..50912449 100644
--- a/src/BrockAllen.MembershipReboot/Configuration/MembershipRebootConfiguration.cs
+++ b/src/BrockAllen.MembershipReboot/Configuration/MembershipRebootConfiguration.cs
@@ -44,6 +44,7 @@ public MembershipRebootConfiguration(SecuritySettings securitySettings)
         public bool UsernamesUniqueAcrossTenants { get; set; }
         public bool RequireAccountVerification { get; set; }
         public bool RequireAccountApproval { get; set; }
+        [Obsolete(@"Use RequireAccountApproval instead and make calls to UserAccountService.ApproveAccount")]
         public bool AllowLoginAfterAccountCreation { get; set; }
         public int AccountLockoutFailedLoginAttempts { get; set; }
         public TimeSpan AccountLockoutDuration { get; set; }
diff --git a/src/BrockAllen.MembershipReboot/Configuration/SecuritySettings.cs b/src/BrockAllen.MembershipReboot/Configuration/SecuritySettings.cs
index ef07596f..b1747c40 100644
--- a/src/BrockAllen.MembershipReboot/Configuration/SecuritySettings.cs
+++ b/src/BrockAllen.MembershipReboot/Configuration/SecuritySettings.cs
@@ -47,6 +47,7 @@ static SecuritySettings GetConfigSection()
         private const string USERNAMESUNIQUEACROSSTENANTS = "usernamesUniqueAcrossTenants";
         private const string REQUIREACCOUNTAPPROVAL = "requireAccountApproval";
         private const string REQUIREACCOUNTVERIFICATION = "requireAccountVerification";
+        [Obsolete("Replaced by REQUIREACCOUNTAPPROVAL")]
         private const string ALLOWLOGINAFTERACCOUNTCREATION = "allowLoginAfterAccountCreation";
         private const string ACCOUNTLOCKOUTFAILEDLOGINATTEMPTS = "accountLockoutFailedLoginAttempts";
         private const string ACCOUNTLOCKOUTDURATION = "accountLockoutDuration";
@@ -104,6 +105,7 @@ public bool RequireAccountApproval
             set { this[REQUIREACCOUNTAPPROVAL] = value; }
         }
 
+        [Obsolete("Replaced by RequireAccountApproval")]
         [ConfigurationProperty(ALLOWLOGINAFTERACCOUNTCREATION, DefaultValue = MembershipRebootConstants.SecuritySettingDefaults.AllowLoginAfterAccountCreation)]
         public bool AllowLoginAfterAccountCreation
         {
diff --git a/src/BrockAllen.MembershipReboot/Constants/MembershipRebootConstants.cs b/src/BrockAllen.MembershipReboot/Constants/MembershipRebootConstants.cs
index 549a0db0..e51ec9e3 100644
--- a/src/BrockAllen.MembershipReboot/Constants/MembershipRebootConstants.cs
+++ b/src/BrockAllen.MembershipReboot/Constants/MembershipRebootConstants.cs
@@ -24,6 +24,7 @@ public class SecuritySettingDefaults
             internal const bool UsernamesUniqueAcrossTenants = false;
             internal const bool RequireAccountVerification = true;
             internal const bool RequireAccountApproval = false;
+            [Obsolete("Replaced by RequireAccountApproval")]
             internal const bool AllowLoginAfterAccountCreation = true;
             internal const int AccountLockoutFailedLoginAttempts = 5;
             internal const string AccountLockoutDuration = "00:05:00";