- ABP Framework version: v4.4.0
- UI type: Angular
- DB provider: EF Core
- Tiered (MVC) or Identity Server Separated (Angular): yes / no
Currently we set the tenant edition in our product by setting the edition ID in the tenant, however the features that come back from application-configuration still show the features from the previous edition, unless the user logs out and logs back in again. Page refreshes, and clearing the cache in the browser do not show the correct values, so I am assuming there is some sort of server side caching going on. How can I clear this and return the correct values without signing the user out?
4 Answer(s)
-
0
Hi,
This is a known issue, because JWT is unchangeable.
We are trying to solve this problem: https://github.com/abpframework/abp/pull/8676
-
0
So it gets the edition from the jwt and then uses it to get the features? And then the new changes would only use the tenant?
Are there any workarounds? How is this typically handled? I'm happy to reauthenticate the user in the backend but, but I can't really log them out and make them log in again just for changing plans.
Any help is appreciated
-
0
Hi,
For now you can try:
public static class RefreshEditionIdMiddlewareExtension { public static IApplicationBuilder UseRefreshEditionIdMiddleware(this IApplicationBuilder app) { return app.Use(async (ctx, next) => { var currentTenant = ctx.RequestServices.GetRequiredService<ICurrentTenant>(); var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>(); if (!currentUser.IsAuthenticated || !currentUser.TenantId.HasValue) { await next(); return; } var tenantStore = ctx.RequestServices.GetRequiredService<ITenantRepository>(); var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>(); var tenant = await tenantStore.FindAsync(currentTenant.GetId()); var claims = currentPrincipalAccessor.Principal.Claims.ToList(); claims.ReplaceOne(x => x.Type == AbpClaimTypes.EditionId, new Claim(AbpClaimTypes.EditionId, tenant.EditionId?.ToString() ?? string.Empty)); using (currentPrincipalAccessor.Change(claims)) { await next(); } }); } }.... app.UseAuthorization(); app.UseRefreshEditionIdMiddleware(); // add behind to `UseAuthorization` -
0
Hi,
For now you can try:
public static class RefreshEditionIdMiddlewareExtension { public static IApplicationBuilder UseRefreshEditionIdMiddleware(this IApplicationBuilder app) { return app.Use(async (ctx, next) => { var currentTenant = ctx.RequestServices.GetRequiredService<ICurrentTenant>(); var currentUser = ctx.RequestServices.GetRequiredService<ICurrentUser>(); if (!currentUser.IsAuthenticated || !currentUser.TenantId.HasValue) { await next(); return; } var tenantStore = ctx.RequestServices.GetRequiredService<ITenantRepository>(); var currentPrincipalAccessor = ctx.RequestServices.GetRequiredService<ICurrentPrincipalAccessor>(); var tenant = await tenantStore.FindAsync(currentTenant.GetId()); var claims = currentPrincipalAccessor.Principal.Claims.ToList(); claims.ReplaceOne(x => x.Type == AbpClaimTypes.EditionId, new Claim(AbpClaimTypes.EditionId, tenant.EditionId?.ToString() ?? string.Empty)); using (currentPrincipalAccessor.Change(claims)) { await next(); } }); } }.... app.UseAuthorization(); app.UseRefreshEditionIdMiddleware(); // add behind to `UseAuthorization`Perfect, worked a treat. Thankyou
