Open Closed

MyProject.Public.Web login and logout href do not use the 'AuthServer:Authority' setting #4352


User avatar
0
info@ericverschoor.nl created
  • ABP Framework version: v7.0.0
  • UI type: Blazor
  • DB provider: EF Core

The MyProject.Public.Web has a login button, but this button does not redirect to the loginpage of the Blazor application. Is this a bug, or a feature? If it is a feature, what is the correct way to implement the Login/Logout of the MyProject.Public.Web project

https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor.Server.Tiered/Components/Toolbar/LoginLink/Default.cshtml

I think the code should be changed to use the AuthServer:Authority setting

@inject IConfiguration c;
<a class="btn" role="button" href="@((c["AuthServer:Authority"] ?? "~").EnsureEndsWith('/'))Account/Login"><i class="fa fa-sign-in me-1"></i> @L["Login"]</a> 

In the MyProjectNameMenuContributor.cs I notice that the Account.Manage is using the setting partially. The logout is not using this setting. https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Blazor.Server.Tiered/Menus/MyProjectNameMenuContributor.cs

I think the code should be changed to use the AuthServer:Authority setting

context.Menu.AddItem(new ApplicationMenuItem("Account.Logout", uiResource["Logout"], url: $"{authServerUrl.EnsureEndsWith('/')}Account/Logout", icon: "fa fa-power-off", order: int.MaxValue - 1000).RequireAuthenticated());


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    The project is Tiered(Blazor.Server.Tiered)so this is design.

  • User Avatar
    0
    info@ericverschoor.nl created

    My apologies, I was referring to a wrong github project.

    I'm experience the issue when creating a non-tiered solution. Therefore I think the correct project is MyCompanyName.MyProjectName.Web.Host (?)

    The correct files are: https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Web.Host/Components/Toolbar/LoginLink/Default.cshtml

    and

    https://github.com/abpframework/abp/blob/dev/templates/app/aspnet-core/src/MyCompanyName.MyProjectName.Web.Host/Menus/MyProjectNameMenuContributor.cs

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    MyCompanyName.MyProjectName.Web.Host is pure UI project so it needs to redirect to AuthServer project.

    This is by design as well.

  • User Avatar
    0
    info@ericverschoor.nl created

    Just as a reference to my future self and others.

    In the appsetting.json of the Public.Web project, the value of the AuthServer.Authority did not match the url of the Blazor project after generating the solution using abp suite. Therefore, when clicking on 'Login' on the Public page there was no correct redirect to the Blazor project.

    {
      "App": {
        "SelfUrl": "https://localhost:44333",
        "DisablePII": "false"
      },  
      .....
      "AuthServer": {
        "Authority": "https://localhost:44313",  <<< the url of the blazor server.
        "ClientId": "WhereIsMyCms_Web_Public",
        "ClientSecret": "1q2w3e*"
      }
    }
    

    and in production, the url settings in the Web.Public, Blazor and DbMigrator projects should match:

    Web.Public appsettings.json

    {
      "App": {
        "SelfUrl": "https://public.myproject.com", 
      },
      "AuthServer": {
        "Authority": "https://blazor.myproject.nl", 
        "ClientId": "MyProject_Web_Public",
        "ClientSecret": "my_big_secret" 
      }
    }
    

    Blazor appsettings.json

    {
      "App": {
        "SelfUrl": "https://blazor.myproject.nl", 
        "RedirectAllowedUrls": "https://blazor.myproject.nl"
      }
    }
    

    DbMigrator appsettings.json

    {  
      "OpenIddict": {
        "Applications": {
          "MyProject_Web_Public": {
            "ClientId": "MyProject_Web_Public",
            "ClientSecret": "my_big_secret",
            "RootUrl": "https://public.myproject.com"
          }
        }
      }
    }
    

    Additional note to the DbMigrator. When the DbMigrator is not set correctly, the redirection in production will fail. The log of the blazor server will mention:

    Client validation failed because 'https://public.myproject.com/signin-oidc' was not a valid redirect_uri for MyProject_Web_Public.
    The authorization request was rejected because the redirect_uri was invalid: 'https://public.myproject.com/signin-oidc'.
    

    This can be fixed using the correct appsetting as shown above.

Made with ❤️ on ABP v9.1.0-preview. Updated on November 11, 2024, 11:11