Here is the code for login page
namespace Eduverse.Pages.Account
{
[DisableAuditing]
public class LoginModel : AccountPageModel
{
[HiddenInput]
[BindProperty(SupportsGet = true)]
public string ReturnUrl { get; set; }
[HiddenInput]
[BindProperty(SupportsGet = true)]
public string ReturnUrlHash { get; set; }
[HiddenInput]
[BindProperty(SupportsGet = true)]
public Guid? LinkUserId { get; set; }
[HiddenInput]
[BindProperty(SupportsGet = true)]
public Guid? LinkTenantId { get; set; }
[HiddenInput]
[BindProperty(SupportsGet = true)]
public string LinkToken { get; set; }
public bool IsLinkLogin { get; set; }
[BindProperty]
public LoginInputModel LoginInput { get; set; }
public bool EnableLocalLogin { get; set; }
public bool IsSelfRegistrationEnabled { get; set; }
public bool ShowCancelButton { get; set; }
public bool UseCaptcha { get; set; }
//TODO: Why there is an ExternalProviders if only the VisibleExternalProviders is used.
public IEnumerable<ExternalProviderModel> ExternalProviders { get; set; }
public IEnumerable<ExternalProviderModel> VisibleExternalProviders => ExternalProviders.Where(x => !string.IsNullOrWhiteSpace(x.DisplayName));
public bool IsExternalLoginOnly => EnableLocalLogin == false && ExternalProviders?.Count() == 1;
public string ExternalLoginScheme => IsExternalLoginOnly ? ExternalProviders?.SingleOrDefault()?.AuthenticationScheme : null;
protected readonly IAuthenticationSchemeProvider SchemeProvider;
protected readonly AbpAccountOptions AccountOptions;
protected readonly ICurrentPrincipalAccessor CurrentPrincipalAccessor;
protected readonly IAbpRecaptchaValidatorFactory RecaptchaValidatorFactory;
protected readonly IAccountExternalProviderAppService AccountExternalProviderAppService;
public LoginModel(
IAuthenticationSchemeProvider schemeProvider,
IOptions<AbpAccountOptions> accountOptions,
IAbpRecaptchaValidatorFactory recaptchaValidatorFactory,
IAccountExternalProviderAppService accountExternalProviderAppService,
ICurrentPrincipalAccessor currentPrincipalAccessor,
IOptions<IdentityOptions> identityOptions,
IOptionsSnapshot<reCAPTCHAOptions> reCaptchaOptions)
{
SchemeProvider = schemeProvider;
AccountExternalProviderAppService = accountExternalProviderAppService;
AccountOptions = accountOptions.Value;
CurrentPrincipalAccessor = currentPrincipalAccessor;
RecaptchaValidatorFactory = recaptchaValidatorFactory;
}
public virtual async Task<IActionResult> OnGetAsync()
{
LoginInput = new LoginInputModel();
var localLoginResult = await CheckLocalLoginAsync();
if (localLoginResult != null)
{
return localLoginResult;
}
IsSelfRegistrationEnabled = await SettingProvider.IsTrueAsync(AccountSettingNames.IsSelfRegistrationEnabled);
UseCaptcha = await UseCaptchaOnLoginAsync();
IsLinkLogin = await VerifyLinkTokenAsync();
if (IsLinkLogin)
{
if (CurrentUser.IsAuthenticated)
{
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext
{
Identity = IdentitySecurityLogIdentityConsts.Identity,
Action = IdentitySecurityLogActionConsts.Logout
});
await SignInManager.SignOutAsync();
return Redirect(HttpContext.Request.GetDisplayUrl());
}
}
return Page();
}
etc...
}
}
Is this the correct import? I noticed that the code snippet should use Pro version of the lib right?
As I saw your earlier uploaded image has his .Pro.
Hi,
Nope we are using a project with combined auth server (But we are using a layered application if that is applicable)
Seems to not be hit either. any guides on overriding the model page that i can refer to and troubleshoot? thanks
I'm trying to add that file in src\Eduverse.HttpApi.Host\Pages\Account\Register.cshtml.cs
however it does not seem to work. Am I missing anything for the override?
Hi,
Okay, we are thinking of overriding the Register screen (the snippet you highlighted) and don't do the redirect to /ChangePassword for external logins.
This also means that external users would not have any password set. Is that any risk? we want external users only to have to login using the SSO flow and never using password.
Hi,
Actually we do NOT want to show the password reset screen what is the simplest way we can implement this change? thanks
Intended flow:
public virtual async Task AutoRegisterUserAsync(string email, CustomSaasTenantDto tenant)
{
using (_currentTenant.Change(tenant.Id))
{
var existingUser = await _userManager.FindByEmailAsync(email);
// Check if the user already exists
if (existingUser == null)
{
// Create a new user
var newUser = new IdentityUser(
_guidGenerator.Create(),
email,
email,
tenant.Id // Assign the user to the tenant
);
var result = await _userManager.CreateAsync(newUser);
if (result.Succeeded)
{
// Optionally assign roles to the user
await _userManager.AddToRoleAsync(newUser, DefaultRoleConsts.Learner);
}
}
}
}
After user is created, he should be able to login again with SSO.
User should not be able to login with password as no password was set as part of the SSO onboarding flow
Actual:
User is created the first time he logs in with SSO
Subsequent SSO logins prompt for password reset
Thank you, its MVC pages have the correct css now.
However, how about the angular project? When i log in, i realized bootstrap-light.css gets downloaded again.
are the files being read / downloaded from here?
let me try and get back to you
