Hey,
we need to perform sign-in in code and then generate an access token (JWT token) for that user, so we can send the token to our mobile app.
Currently we have an AuthenticationAppService which has a login method like this:
public class AuthenticationService : ApplicationService, IAuthenticationAppService
{
private readonly IdentityUserManager _userManager;
private readonly SignInManager<Volo.Abp.Identity.IdentityUser> _signInManager;
public AuthenticationService(
IdentityUserManager userManager,
SignInManager<Volo.Abp.Identity.IdentityUser> signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
public async Task<LoginResult> LoginAsync(LoginInput input)
{
var user = await _userManager.FindByNameAsync(input.Username);
if (user == null)
{
return new LoginResult()
{
Success = false,
};
}
var result = await _signInManager.CheckPasswordSignInAsync(user, input.Password, false);
if (!result.Succeeded)
{
return new LoginResult()
{
Success = false,
};
}
// Generate access token.
var accessToken = ???;
return new LoginResult()
{
Success = true,
AccessToken = accessToken,
};
}
}
The sign-in works, but how can we retrieve or generate an access token. We have a tiered solution, so the identity server is in another project.
- ABP Framework version: v5.2.1
- UI type: Blazor
- DB provider: EF Core
- Tiered (MVC): yes
4 Answer(s)
-
0
hi
Are you using the Identity Server?
-
0
In My case, I am using identity server. We have this requirement also for generate access_token. Is there any logic for token generation manually
-
0
hi
Are you using the Identity Server?
Yes we do.
-
0
You shouldn't be generating access_token manually in the login process. All of the flows are created because of security reasons.
In tiered application, your web application is not the Secure Token Server (STS) to grant you the access token. IdentityServer is the STS and you need to get and validate your tokens to IdentityServer.
That being said, you can make a request to IdentityServer
/connect/token
endpoint with supported grant types to get access_token.