diff --git a/src/Umbraco.Cms.Api.Management/Controllers/Security/BackOfficeDefaultController.cs b/src/Umbraco.Cms.Api.Management/Controllers/Security/BackOfficeDefaultController.cs
index 62b69f0a2321..da6ab4b18a9a 100644
--- a/src/Umbraco.Cms.Api.Management/Controllers/Security/BackOfficeDefaultController.cs
+++ b/src/Umbraco.Cms.Api.Management/Controllers/Security/BackOfficeDefaultController.cs
@@ -1,19 +1,37 @@
 using Microsoft.AspNetCore.Authentication;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.DependencyInjection;
 using Umbraco.Cms.Core;
+using Umbraco.Cms.Core.DependencyInjection;
+using Umbraco.Cms.Core.Services;
 using Umbraco.Extensions;
 
 namespace Umbraco.Cms.Api.Management.Controllers.Security;
 
 public class BackOfficeDefaultController : Controller
 {
+ private readonly IRuntime _umbracoRuntime;
+
+ [ActivatorUtilitiesConstructor]
+ public BackOfficeDefaultController(IRuntime umbracoRuntime)
+ => _umbracoRuntime = umbracoRuntime;
+
+ [Obsolete("Use the non obsoleted constructor instead. Scheduled to be removed in v17")]
+ public BackOfficeDefaultController()
+ : this(StaticServiceProvider.Instance.GetRequiredService())
+ {
+ }
+
 [HttpGet]
 [AllowAnonymous]
 public async Task Index(CancellationToken cancellationToken)
 {
 // force authentication to occur since this is not an authorized endpoint
- AuthenticateResult result = await this.AuthenticateBackOfficeAsync();
+ // a user can not be authenticated if no users have been created yet, or the user repository is unavailable
+ AuthenticateResult result = _umbracoRuntime.State.Level < RuntimeLevel.Upgrade
+ ? AuthenticateResult.Fail("RuntimeLevel " + _umbracoRuntime.State.Level + " does not support authentication")
+ : await this.AuthenticateBackOfficeAsync();
 
 // if we are not authenticated then we need to redirect to the login page
 if (!result.Succeeded)
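Review bot: The new guard in `Index` fails closed, but it depends on the numeric ordering of `RuntimeLevel` and the added comment does not say which levels it covers; `_umbracoRuntime.State.Level < RuntimeLevel.Upgrade` also treats a failed boot as unauthenticated if that level sorts below `Upgrade`, which looks intended but is not stated. I would extend the comment to something like `// fail closed below RuntimeLevel.Upgrade (e.g. during install or a failed boot): the user store may be missing or unreachable, so never attempt authentication`. Because the action is `[AllowAnonymous]`, the failure text that embeds `_umbracoRuntime.State.Level` should stay in server-side logs and not be rendered to the caller; the handling after `if (!result.Succeeded)` is outside the hunk, so that needs confirming there. The level is also read twice, so capturing it once in a local would keep the check and the message consistent.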