Activities of "maliming"

hi

Have you overridden the PageHeader component/class in your project?

https://github.com/abpframework/abp/blob/dev/framework/src/Volo.Abp.AspNetCore.Components.Web.Theming/Layout/PageHeader.razor.cs#L11

No matter what, we always need to reproduce the problem locally.

Thanks.

Ok, you can add it to your scope, the. Angular will use refresh token automatically.

Thanks

Hi

Can you test your custom component in a new template project?

If template project also has this problem you can share it.

Thanks.

hi

I have checked, your api website can’t communicate with authserver website.

Please check the network problem.

Thanks

hi

Can you enable the debug logs and identitymodellogs then share them with liming.ma@volosoft.com?

https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems

Thanks.

hi

ABP & OpenIddict support the access token + refresh token flow.

Is there an offline_access scope in your angular environment.ts file?

import { Environment } from '@abp/ng.core';

const baseUrl = 'http://localhost:4200';

const oAuthConfig = {
  //...
  scope: 'offline_access MyProjectName'
};

hi

What is your LeptonX package version? It should be 4.1.1 I'm unable to reproduce it in a new template project. Can you share a project?

liming.ma@volosoft.com

Thanks.

hi

It's not only about access tokens, but also the same "problem" with cookies Browsers will strictly protect tokens or cookies. No one can obtain your cookies and tokens.

We also use common protective measures(HTTPS, XSS, XSRF/CSRF).

https://learn.microsoft.com/en-us/aspnet/core/security/?view=aspnetcore-9.0

hi

access tokens issued for one user can potentially be used by another user to make API requests.

Why can one user's token be obtained by another user? How did he get it?

Thanks

hi

The error happened if the current URL ends with /?&&

https://abp.io/?&&

main.0b1b96b4092c5d26.js:1 ERROR TypeError: Cannot read properties of undefined (reading 'toggle')
    at M.toggleCtxMenu (main.0b1b96b4092c5d26.js:1:1484387)
    at main.0b1b96b4092c5d26.js:1:1485112
    at Q1 (main.0b1b96b4092c5d26.js:1:758941)
    at Object.r [as next] (main.0b1b96b4092c5d26.js:1:759098)
    at ye.next (main.0b1b96b4092c5d26.js:1:255667)
    at Qe._next (main.0b1b96b4092c5d26.js:1:255334)
    at Qe.next (main.0b1b96b4092c5d26.js:1:255018)
    at main.0b1b96b4092c5d26.js:1:252848
    at u (main.0b1b96b4092c5d26.js:1:280735)
    at Ru.next (main.0b1b96b4092c5d26.js:1:252685)

Can you create a new question to ask the Angular team?

Thanks.