Hi,
Apologies for the confusion. The reset link works fine, we were just concerned about the exceptions in the logs and if there was any concerns that we should be aware of.
Thanks.
You mean forward you an email password reset email from our test instance? Sure, I can do that.
This s only happens when running ABP in Azure. When we run from VS in our local development environment we don't see the issue.
We have no overrides/customizations to PasswordResetLink
We use SendGrid as our email provider.
This is everything logged between PasswordResetLinkSent and ResetPassword
Hi, Here is what I was able to find and I was wondering if you have any ideas...
We isolated the problem to a small change we recently made. We changed the APB setting value of the mail send from address (Abp.Mailing.DefaultFromAddress) to a new value. This single change caused the exception. When we revert the send from mail address to its original value, everything works as expected.
After looking closer at the logs, it looks like for some reason, at the point you click 'Submit' on the Account/ForgotPassword page, the system attempts to direct to the Account/ResetPassword page with an invalid UserID and TenantID. The Account/ResetPasswordpage shouldn't be directed to until the user clicks the reset link in the email.
It looks like the steps that are happening is..
Account/ForgotPassword pageAccount/PasswordResetLinkSet pageAccount/ResetPassword page with an invalid UserID and TenntID before the user clicks the link in the email and exception occurs.Account/ResetPassword page with the correct UserID and TenantID``
Hi,
What's strange is that the exception is logged both when resetting a password (forgot password link) and also when confirming an email address (email confirmation link sent). In both situations the emails are delivered correctly to the end user even though the exception occurs in the error log.
We've seen ABP operate differently in Azure before https://support.abp.io/QA/Questions/5024/Invalid-Email-Confirmation-Token-Always-Occuring#answer-3a0b1aac-3ee4-e947-105d-f2f20f9ee31b and implemented workarounds with the help of ABP support.
I'll see if I can deploy an empty/newly templated base ABP app to Azure in order to replicate, which should eliminate the possibility that any of our logic/overrides are contributing to the issue.
The Azure logs show that there are no testers/attackers hitting the web application.
Hi,
I checked that, the user's email we are entering is not associated with a deleted account.
It's happening with any user email that we test with. For each user, a different ID is specified in the exception, but for all users the exception references an ID that doesn't exist anywhere in the database.
Thanks @maliming,
This looks good :-)
Thanks @maliming
Our pipeline is working now with your help.
Quick question - should we always be using the latest version of the CLI in the pipeline, even if we are not on the latest version of ABP. For instance, we are on ABP 7.2.1 and using CLI version 7.0.1 (this was the latest CLI version when we upgraded to APB 7.2.1) in development. Should our pipeline target the same version we are using in development or is it safe to just always use the latest version of the CLI regardless of the ABP version.
Thanks!
Hi @maliming,
Thank you. Any ideas on how to go about installing the abp CLI in the pipeline?
Thanks as always @maliming
This was very helpful!
Hi,
LeptonX theme uses SVG as favicon, but SVG favicons is not supported on Safari.
we will fix the problem at the next patch version.
Ok great, thanks! We currently use the Lepton theme (not LeptonX). Can you confirm that the fix will also be done for the Lepton theme?
Thanks!