Test Against Production Read Replica
To follow our security policy YOU MUST HAVE TWO OTHER DEVELOPERS OBERSVING when you access production information
- Connect to the VPN
- Use the DbConnectionConfigurationData string from Prod DB Read Replica found in the Shared-Development section in LastPass to update the DbConnectionConfigurationData string in Utopia's appsettings.json.
- Comment out
await ValidatePasswordAsync(password, dbUser);
in the method ValidateUsernameAndPasswordAsync in BusinessLogic/Services/AuthenticationService.cs - Replace the method GetUserLoginRequirementsStatusAsync in BusinessLogic/Services/AuthenticationService.cs with the code snippet below:
private async Task<LoginRequirementsStatus> GetUserLoginRequirementsStatusAsync(DbUser dbUser, AuthenticationRequest authRequest, string applicationId)
{
LoginRequirementsStatus loginRequirementsStatus = await InitializeLoginRequirementsStatusAsync(dbUser, authRequest, applicationId);
loginRequirementsStatus.UserSettingMFARequirementMet = true;
//PopulateUserSettingLoginRequirements(loginRequirementsStatus, dbUser, authRequest, applicationId);
//PopulateSecurityPolicyStatuses(loginRequirementsStatus, dbUser, authRequest, applicationId);
//await PopulateRolesFailingOtherRequirementsAsync(dbUser, applicationId, loginRequirementsStatus);
//InvalidateGroupRolesWhereUserRoleIsFailing(loginRequirementsStatus);return loginRequirementsStatus;
}