Hi,
Below is my ABP details information:
ABP Framework version: v4.4.3
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): yes
I would like to ask, is there any possible to disable concurrent user login? maybe to make the first login become invalid after second login on another device
Thanks and regards, Jeffrey Khor
13 Answer(s)
-
0
hi
https://support.abp.io/QA/Questions/536/How-to-Restrict-users-multiple-login-session https://support.abp.io/QA/Questions/950/How-to-allow-one-user-concurrent-login-per-user https://support.abp.io/QA/Questions/1916/How-to-Restrict-user-to-multiple-login-session
-
0
Hi,
i had added the code below into the ConfigureService under HttpApiHostModule.cs, still not working:
Configure<SecurityStampValidatorOptions>(options => { options.ValidationInterval = TimeSpan.FromSeconds(10); });
and the revocation endpoint suggestion were no longer accessible, and how should i add the property to the User as suggested in one of the provided link above? coz i cant find any code regarding the User class or Identity Class. Sorry as i am a new learner of Abp framework.
Regards, Jeffrey Khor
-
0
hi
What is your current design?
-
0
Hi,
I have been following this link also: https://support.abp.io/QA/Questions/1023/How-to-prevent-ConCurrent-Users-from-logging-in-using-the-same-user-credentials
firstly, i put in the PreconfigureService under the HttpApi.Host module as below:
then i create another three object classes under the HttpApi.Host module also as below:
MyAbpClaimsPrincipalContributor.cs
MyAbpSecurityStampValidator.cs:
currently the issue is error: InvalidOperationException: only a single identity supported
pls correct me if i am wrong
Regards, Jeffrey Khor
-
1
hi
The error is beacuse
principal.Identities.Count() != 1
Please follow this example
public class SocialSecurityNumberClaimsPrincipalContributor : IAbpClaimsPrincipalContributor, ITransientDependency { public async Task ContributeAsync(AbpClaimsPrincipalContributorContext context) { var identity = context.ClaimsPrincipal.Identities.FirstOrDefault(); var userId = identity?.FindUserId(); if (userId.HasValue) { var userService = context.ServiceProvider.GetRequiredService<IUserService>(); //Your custom service var socialSecurityNumber = await userService.GetSocialSecurityNumberAsync(userId.Value); if (socialSecurityNumber != null) { identity.AddClaim(new Claim("SocialSecurityNumber", socialSecurityNumber)); } } } }
-
0
Hi,
i managed to fix the error above as your suggested, but now, it still not disabling the concurrent user login issue, what do i missed?
Regards, Jeffrey Khor
-
0
hi
Can you apply your code to a template project and share it with me? liming.ma@volosoft.com
-
0
hi
Can you apply your code to a template project and share it with me? liming.ma@volosoft.com
Hi,
just sent, pls check your email ya, thanks in advance!!!
Regards, Jeffrey khor
-
0
hi
Your application does not use Cookies as the primary authentication method, the above scheme will not work for you.
You're using the
Identity Server
to issue the token and useJwtBearer
to validate the token.You can try other solutions based on this.
https://github.com/IdentityServer/IdentityServer4/issues/736 https://stackoverflow.com/questions/56021219/concurrent-login-with-identity-server4
-
0
hi
Your application does not use Cookies as the primary authentication method, the above scheme will not work for you.
You're using the
Identity Server
to issue the token and useJwtBearer
to validate the token.You can try other solutions based on this.
https://github.com/IdentityServer/IdentityServer4/issues/736 https://stackoverflow.com/questions/56021219/concurrent-login-with-identity-server4
Hi,
i still dont understand, since my project is using Identity Server to issue token and use JwtBearer to validate the token, the above two links still related with the cookie but not Jwt, and where to customise the login/logout function? i cant find the code inside the project, sorry that i am really a big headache on this, pls guide me.
Regards, Jeffrey Khor
-
0
hi
I will create a demo for this. will info you when it has been done.
https://github.com/abpframework/abp/issues/12783
-
0
Hi,
I think this would be a good feature to add to abp framework.
-
0
hi
https://github.com/abpframework/abp-samples/tree/master/ConcurrentLogin