Thanks as always @liangshiwei
This was very helpful!
Hi,
you can try
services.ConfigureApplicationCookie(options => { options.ExpireTimeSpan = TimeSpan.FromMinutes(10); options.SlidingExpiration = true; });
We added this and it had no affect. The user continues to stay logged in after the specified ExpireTimeSpan. During that timespan, no requests were sent to the server.
That makes sense. Thanks @liangshiwei !!
Thanks @liangshiwei
We solved the issue by specifiying Api.* properties. It was not obvious to do this since we are using blazor server.
property.Api.OnGet.IsAvailable = false;
property.Api.OnUpdate.IsAvailable = false;
property.Api.OnCreate.IsAvailable = false;
Hi liangshiwei,
Thank you for the guidance. I'll be giving your approach a try...
Hi liangshiwei,
It appears the user was changing their password with the failed validation "Volo.Abp.Identity:PasswordRequiresNonAlphanumeric", yet they received the following message from abp.jquery.js.
defaultError403: {
message: 'You are not authorized!',
details: 'You are not allowed to perform this operation.'
},
We are unfamiliar with the internal jquery implementation within ABP.
Please see below for the log details and advise.
https://eiufsd.nvisiononline.net/api/account/my-profile/change-password application/json 99
2024-05-03 13:49:07.331 +00:00 [INF] (Instance: 53d7) Executing endpoint 'Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2024-05-03 13:49:07.335 +00:00 [INF] (Instance: 53d7) Route matched with {controller = "Profile", area = "account", action = "ChangePassword", page = ""}. Executing controller action with signature System.Threading.Tasks.Task ChangePasswordAsync(Volo.Abp.Account.ChangePasswordInput) on controller Volo.Abp.Account.ProfileController (Volo.Abp.Account.Pro.Public.HttpApi).
2024-05-03 13:49:07.351 +00:00 [INF] (Instance: 53d7) Executing action method Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi) - Validation state: "Valid"
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) ---------- RemoteServiceErrorInfo ----------
{
"code": "Volo.Abp.Identity:PasswordRequiresNonAlphanumeric",
"message": "Passwords must have at least one non alphanumeric character.",
"details": null,
"data": {},
"validationErrors": null
}
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Passwords must have at least one non alphanumeric character.
Volo.Abp.Identity.AbpIdentityResultException: Passwords must have at least one non alphanumeric character.
at Microsoft.AspNetCore.Identity.AbpIdentityResultExtensions.CheckErrors(IdentityResult identityResult)
at Volo.Abp.Account.ProfileAppService.ChangePasswordAsync(ChangePasswordInput input)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Features.FeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextExceptionFilterAsync>g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Code:Volo.Abp.Identity:PasswordRequiresNonAlphanumeric
2024-05-03 13:49:07.572 +00:00 [WRN] (Instance: 53d7) Details:
2024-05-03 13:49:07.575 +00:00 [INF] (Instance: 53d7) Executing ObjectResult, writing value of type 'Volo.Abp.Http.RemoteServiceErrorResponse'.
2024-05-03 13:49:07.578 +00:00 [INF] (Instance: 53d7) Executed action Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi) in 242.5297ms
2024-05-03 13:49:07.578 +00:00 [INF] (Instance: 53d7) Executed endpoint 'Volo.Abp.Account.ProfileController.ChangePasswordAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
2024-05-03 13:49:07.626 +00:00 [INF] (Instance: 53d7) Request finished HTTP/1.1 POST https://eiufsd.nvisiononline.net/api/account/my-profile/change-password application/json 99 - 403 - application/json;+charset=utf-8 325.1399ms
Thanks for confirming IanW.
We came up with an approach similar to what you described.
Excellent, this was very helpful. Thanks @maliming!
Hi you can access a video using the link below...
The video shows the following...
https://www.icloud.com/iclouddrive/08aBbYcniD17PdTME67mBM9RQ#Demo_CSD_-_Google_Chrome_2023-12-14_23-26-58
Item 2 is the scenario where we want to redirect to a custom access denied page.