hi
What is your current Cookie and AccessToken lifetime(minutes)?
Can you test your case in a version 7.2.2 template project?
If you can reproduce, you can share it.
Thanks.
Thanks. Can you also set the SlidingExpiration to false
.AddCookie("Cookies", options =>
{
options.ExpireTimeSpan = TimeSpan.FromDays(365);
options.SlidingExpiration = false;
options.IntrospectAccessToken();
})
And set .MinimumLevel.Debug() in Program.cs
var loggerConfiguration = new LoggerConfiguration()
.MinimumLevel.Debug()
.MinimumLevel.Override("Microsoft.EntityFrameworkCore", LogEventLevel.Warning)
.Enrich.FromLogContext()
.WriteTo.Async(c => c.File("Logs/logs.txt"))
Thanks again.
hi
I will check this case.
Thanks.
Yes, Please share the new logs.
Thanks.
hi
JWT tokens cannot be revoked before they expire by default.
You can consider using ABP's session feature. Revoke a session will make the JWT invalid. https://abp.io/docs/latest/modules/identity/session-management
You can also create your own JWT authentication logic. Add revoked tokens to Redis, and after the API verifies the token, also check Redis.
context.Services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddAbpJwtBearer(options =>
{
options.Authority = configuration["AuthServer:Authority"];
options.RequireHttpsMetadata = configuration.GetValue<bool>("AuthServer:RequireHttpsMetadata");
options.Audience = "MyProjectName";
options.TokenHandlers.Clear();
options.TokenHandlers.Add(new MyJsonWebTokenHandler());
});
using System.Threading.Tasks;
using Microsoft.IdentityModel.JsonWebTokens;
using Microsoft.IdentityModel.Tokens;
namespace MyCompanyName.MyProjectName;
public class MyJsonWebTokenHandler : JsonWebTokenHandler
{
public override async Task<TokenValidationResult> ValidateTokenAsync(SecurityToken token, TokenValidationParameters validationParameters)
{
var result = await base.ValidateTokenAsync(token, validationParameters);
if (result.IsValid)
{
var rawToken = token.ToString();
// Custom logic after token validation
}
return result;
}
}
hi
but the token has not been invalidated.
Do you mean that you can still call the API using this JWT token?
Thanks.
BTW, we enhanced the time-related feature in 9.2.0.
https://github.com/abpframework/abp/blob/dev/docs/en/Community-Articles/2025-03-11-Developing-A-Multi-Timezone-Application-Using-The-ABP-Framework/post.md
Can you try upgrading to 9.2.0 or testing your case in a new 9.2.2 template project?
Thanks.
hi
try to filter by date
On which page do you get the error when the language is Italian?
Can you share a screenshot?
Thanks.
hi
Can you try to use abp get-source Volo.Abp.LeptonXTheme --version 4.2.2 command to download again?
Thanks.
