Hello Team,
OUR ABP CONFIGURATION:
ABP Framework version: v7.0.0 UI type: MVC DB provider: EF Core Tiered (MVC) or Identity Server Separated (Angular): Tiered MVC
Issue: After staying idle on browser for long time, Session does not expire and take us to logout page. Token expiration not handled properly, it takes us to 404 error page. It should logout and go to login page once token get expired.
Check attach error screenshot.
Help us to configure token expiration and handling properly, so that user does not see error 404 page when token get expired after staying idle long in browser.
17 Answer(s)
-
0
If the token expires, what happens if you access the
identity/userspage? -
0
We get redirected to this error page.
-
0
If you available can we do zoom meeting. So that you can check if the code is properly configured to handle token expiration, we want user to auto redirect to login page once token get expired.
-
0
Can you share the full logs? (Authserver, HttpApi.Host, Web) shiwei.liang@volosoft.com
-
0
Hi,
You can try this:
public class AccountController : ChallengeAccountController { public override Task<IActionResult> AccessDenied(string returnUrl = "", string returnUrlHash = "") { return Task.FromResult<IActionResult>(Challenge(new AuthenticationProperties { RedirectUri = GetRedirectUrl(returnUrl, returnUrlHash) }, ChallengeAuthenticationSchemas)); } } -
0
Which place need to add, have three account controller in the system as of now.
Also what returnURL and returnHash need to be passed here?
-
0
Hi,
Please add the to the
Webproject.Also what returnURL and returnHash need to be passed here?
After login it can redirect to the previous page, It is recommended that you pass parameters
-
0
Not able to get it correctly, In Phoneix.GTCManagement.Web Project we have empty account controller, If I add the above code it shows this error
Also how this AccessDenied api will be called and from where and what to pass parameters?
-
0
Hi,
Sorry, try this:
public class AccountController : AbpAccountImpersonationChallengeAccountController { [HttpGet] public Task<IActionResult> AccessDenied(string returnUrl = "", string returnUrlHash = "") { return Task.FromResult<IActionResult>(Challenge(new AuthenticationProperties())); } }Also how this AccessDenied api will be called and from where and what to pass parameters?
This is handled by
OpenIdConnectHandler:
-
0
Hello,
Can not find OpenIdConnectHandler in the project. Can you help me to locate it?
Thanks
-
0
Hi,
It's a class of ASPNETCore: https://github.com/dotnet/aspnetcore/blob/main/src/Security/Authentication/OpenIdConnect/src/OpenIdConnectHandler.cs
-
0
Okay, But as I can not relocate this class in my project, where should I add that code that you shared above.
-
0
Hi,
Also how this AccessDenied api will be called and from where and what to pass parameters?
I just answer the question, you don't need to do it yourself.
-
0
Okay so we just need to add in accountcontroller no need to handle openconnecthandle thing.
-
0
yes,
Sorry, my bad, I copied the wrong code before, please try this:
public class AccountController : AbpAccountImpersonationChallengeAccountController { [HttpGet] public Task<IActionResult> AccessDenied(string returnUrl = "", string returnUrlHash = "") { return Task.FromResult<IActionResult>(Challenge(new AuthenticationProperties { RedirectUri = GetRedirectUrl(returnUrl, returnUrlHash) }, ChallengeAuthenticationSchemas)); } } -
0
Okay, only this we need to add, rest it will take care of session/token expiration right?
I am adding this in account controller and going to deploy this to test it
-
0
ok
