Hi, any updates here?
I suspect it is not possible to make logo change working for external authentication app (i.e. IdentityServer in my case), since it's a different (not Angular) app. So what is described in the doc is the case for Login box residing in Angular app, here the logo cannot be changed:
Hi @armanozak. I am trying to make logo replacement following your documentation, bu it fails with the following error:
No provider for AccountLayoutComponent!
I think I understand the problem (in the documentation you say to add provider to app component of my app, but do not say anything about AccountLayoutComponent), but how to assign provider to the existing ABP component like AccountLayoutComponent?
Would be great to have some context search in your documentation - for instance, by word AccountLayoutComponent - probably this is already covered somewhere... This way we - users - would have less questions :) Instead, now I am getting this:
1 - done
2 - no errors:
3 - no errors
@alper,
thank you - I've installed version 3.3.2. But when I try to download "Modules" in Abp Suite - I still keep getting this animated progressbar and empty page:
I have this issue for a while, but before I had incompatible version of CLI, packages, Suite. Now I have everything 3.3.2 and still the issue is there... Page refresh does not help, just in case.
I also need ABP Suite 3.3.2 - I have all packages in the project and Abp Cli of this version. However, after I've uninstalled Abp Suite of the newest version (4.x) and try to install it again - supplying specific version parameter - I end up with this:
Thank you, @liangshiwei. The test project itself is running well. The issue is discussed and by using the suggested cookie approach it works well too. So I will close the ticket.
I did by the way i described. But as i mentioned, i would like to have this test version of the project above with Identity and HttpApi Host separated.
Hi,
Sorry I forgot your project version, this way only work for projects starting in 4.0.
I would be really grateful if you updated your test project and split IdentityServer and HttpApi.Host part - it will help me to troubleshoot authentication and test new ABP 4.0 things once we upgrade to this version.
Using cookies requires your backend and frontend to be on the same domain&port. Maybe you can use cache to store access_token.
I managed to do this using Cookies approach and it seems to work fine. Though, I will show my code here. If you find something not fully correct - please, comment here.
So,
step 1: made Angular web app running via https. Modify SessionRequestHttpInterceptor (pass withCredentials: true):
intercept(req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
const modified = req.clone({
setHeaders: { 'Content-Language': this.selectedLangCulture || '' }, withCredentials: true
});
return next.handle(modified);
}
step 2: modify appsettings for HttpApi.Host: "AngularApp:HostUrl": "https://localhost:4200", "CorsOrigins": https://localhost:4200"
step 3: Middleware for HttpApi.Host:
public static class ApplicationBuilderAccessTokenCookieMiddlewareExtension
{
public static IApplicationBuilder UseAccessTokenCookieMiddleware(this IApplicationBuilder app, string cookieName)
{
return app.Use(async (httpContext, func) =>
{
string token = null;
token = httpContext.Request.Cookies[cookieName];
if (token == null)
{
token = httpContext.Request.Headers[HeaderNames.Authorization].ElementAtOrDefault(0);
if (token != null)
{
token = token.Replace("Bearer ", "");
}
}
if (token != null)
{
httpContext.Response.Cookies.Append(cookieName,
token,
new CookieOptions
{
Path = "/",
HttpOnly = true,
SameSite = Microsoft.AspNetCore.Http.SameSiteMode.Strict,
MaxAge = TimeSpan.FromMinutes(5),
IsEssential = true,
Secure = true
});
}
await func.Invoke();
});
}
}
step 4: Middleware for IdentityServer:
public static class ApplicationBuilderAccessTokenCookieMiddlewareExtension
{
public static IApplicationBuilder UseAccessTokenCookieMiddleware(this IApplicationBuilder app, string cookieName)
{
return app.Use(async (httpContext, func) =>
{
if (
(httpContext.User.Identity?.IsAuthenticated != true || httpContext.Request.Path.StartsWithSegments("/account/logout"))
&&
httpContext.Request.Cookies[cookieName] != null
)
{
httpContext.Response.Cookies.Delete(cookieName);
}
await func.Invoke();
});
}
}
step 5: HangfireAuthorizationFilter + corresponding Razor error page:
public class HangfireAuthorizationFilter : IDashboardAuthorizationFilter
{
public bool Authorize([NotNull] DashboardContext context)
{
var path = context.GetHttpContext().Request.Path;
var isResource = path != null && (path.Value.StartsWith("/css") || path.Value.StartsWith("/js") || path.Value.StartsWith("/font"));
if (!context.GetHttpContext().User.Identity.IsAuthenticated && !isResource)
{
context.Response.ContentType = "text/html";
context.Response.WriteAsync(new AccessDeniedPage().ToString(context.GetHttpContext()));
return false;
}
return true;
}
}
I had the same problem too. Try clearing chrome cache.
Oh, you are right - i use localhost for dev env, so i had some tenant id there :) it helped.
And yes, all in all, identity works as expected for Hangfire page in this simplified configuration. Could you please split HttpApiHost and IdentityServer in your example? I suspect the root cause of my issue could be that. And if nevertheless sending identity continues working, I will have a look what could be different in our configurations.
I've tried all that I can in my case and the only way out was to create token cookie, as we discussed a bit earlier here. However, if it is possible to make it work without setting the cookie - it will be much better!
Looking forward for your updated example. Thanks!
BTW, just in case: we are still using ABP 3.3.2 - we are not ready to update to 4.x. If it is possible, please use the same version in your example.