Import and consolidate the approx 250,000 users, from two different services (each has it's own server and database) into a new Tiered ABP solution.
Our existing systems contain tables for Users and Organisations. Not all users are assigned to an organisation.
We aim to create Tenants for each user (single database multi-tenant model) based on either their organistion or individual User account if they are not part of an organisation. We are expecting to force users to reconfirm their accounts and generate new passwords (i've seen the article on passwordless logins which might help here.)
Where are the methods to manage tenants, users, orgs?
Add tenants by code: Is it possible to create new tenants, users, organisations by code? If so can you please provide snippit of code that would create a new Tenant, Organisation, and Saas Users without triggering user welcome emails, and email validation etc. I want the validation to happen when they login, and not when we import. I know it's based on the ms identity/Signinmanager/IdS stuff but I've no idea how this all ties in with the Abp tenant/org/2fa code.
Delete old tenants (GDPR) Is there a proper way to delete tenants or do we have to hard code sql?
If you think this is the wrong approach and have a better idea then please let me know. We would consider SQL but the plan was for the Abp/Identity Server solution to run in a separate datacenter.
BTW. The identity docs are little more than headings and screenshots of the UI (you should just put this info into the UI itself!) Also are there .net API docs for your repositories, methods etc? I thought I saw some once but can't seem to find any now.
Our ABP Angular tiered solution needs to integrate with an older .net framework MVC solution running separately.
This is the old Jwt code we use.
// from owinconfig.cs
public void ConfigureOpenAuth(IAppBuilder app)
{
//
app.UseJwtBearerAuthentication(
new JwtBearerAuthenticationOptions
{
AuthenticationMode = AuthenticationMode.Active,
TokenValidationParameters = new TokenValidationParameters()
{
ValidAudience = ConfigurationManager.AppSettings["JwtAudience"],
ValidIssuer = ConfigurationManager.AppSettings["JwtIssuer"],
IssuerSigningKey = ConfigurationManager.AppSettings["JwtSecurityKey"].ToSymmetricSecurityKey(),
ValidateLifetime = true,
ValidateIssuerSigningKey = true
}
});
}
//from JwtExtensions.cs
public static class SecurityExtensions
public static SigningCredentials ToIdentitySigningCredentials(this string jwtSecret)
{
var symmetricKey = jwtSecret.ToSymmetricSecurityKey();
var signingCredentials = new SigningCredentials(symmetricKey, SecurityAlgorithms.HmacSha256);
return signingCredentials;
}
public static SymmetricSecurityKey ToSymmetricSecurityKey(this string jwtSecret)
{
return new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSecret));
}
}
edit: ive figured i need to generate a new rsa cert somehow as its using developer mode which isnt recommended for prod.
from what ive been reading the identityserver4 jwt packages are now incompatible with .net framework.
are you share some example code for processing the Jwt token on .net framework. (currently 4.6.x but can update if needed?). im not interested in the user table stuff, just getting the claims. is there anything in the old abpboilerplate code that might work?
Can you please provide a version of the microservice template with the paid commercial modules enabled or a step by step guide to doing it ourselves?
It's very strange that the free version has more features than the commercial one.
Thanks.