hi
Can you try to use the latest yarn v1.22.x ?
https://github.com/yarnpkg/yarn/releases
hi
We moved the user login process to the Angular project.
Do you mean you use the password grant type?
https://abp.io/docs/latest/framework/ui/angular/authorization#resource-owner-password-flow
is there a period of time that the password change link is valid? We want this link to be valid for 15 minutes.
Change the TokenLifespan(1 day default) of DataProtectionTokenProviderOptions.
https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.identity.dataprotectiontokenprovideroptions.tokenlifespan?view=aspnetcore-8.0#microsoft-aspnetcore-identity-dataprotectiontokenprovideroptions-tokenlifespan
hi
can I know what should I do in order to make the changes instantly reflected on the UI after updating the permissions manually from the database.
You'd better not do this. Always do it through code.
The framework will use IDistributedCache<PermissionGrantCacheItem> to cache the permission grants.
AbsoluteExpiration and SlidingExpiration) used when you don't specify the options while saving cache items. Default value uses the SlidingExpiration as 20 minutes.
https://abp.io/docs/latest/framework/fundamentals/caching#abpdistributedcacheoptions
You can clear the PermissionGrantCacheItem cache from redis.
hi
Have you created the openiddict.pfx file in the website?
In the production environment, you need to use a production signing certificate. ABP Framework sets up signing and encryption certificates in your application and expects an openiddict.pfx file in your application.
This certificate is already generated by ABP CLI, so most of the time you don't need to generate it yourself. However, if you need to generate a certificate, you can use the following command:
dotnet dev-certs https -v -ep openiddict.pfx -p 00000000-0000-0000-0000-000000000000
00000000-0000-0000-0000-000000000000is the password of the certificate, you can change it to any password you want.
It is recommended to use two RSA certificates, distinct from the certificate(s) used for HTTPS: one for encryption, one for signing.
For more information, please refer to: https://documentation.openiddict.com/configuration/encryption-and-signing-credentials.html#registering-a-certificate-recommended-for-production-ready-scenarios
Also, see the Configuring OpenIddict documentation for more information.
public override void PreConfigureServices(ServiceConfigurationContext context)
{
var hostingEnvironment = context.Services.GetHostingEnvironment();
var configuration = context.Services.GetConfiguration();
PreConfigure<OpenIddictBuilder>(builder =>
{
builder.AddValidation(options =>
{
options.AddAudiences("MyProjectName");
options.UseLocalServer();
options.UseAspNetCore();
});
});
if (!hostingEnvironment.IsDevelopment())
{
PreConfigure<AbpOpenIddictAspNetCoreOptions>(options =>
{
options.AddDevelopmentEncryptionAndSigningCertificate = false;
});
PreConfigure<OpenIddictServerBuilder>(serverBuilder =>
{
serverBuilder.AddProductionEncryptionAndSigningCertificate("openiddict.pfx", "00000000-0000-0000-0000-000000000000");
});
}
}
hi koraykirdinli
Please enable the stdout logs and share it.
Thanks.
https://learn.microsoft.com/en-us/aspnet/core/test/troubleshoot-azure-iis?view=aspnetcore-8.0#aspnet-core-module-stdout-log-iis
hi
Can you share your solution?
Override IPermissionStore may not be the solution to your problem.
Also, even if we do not override IPermissionStore, abp.io permission store does not work. Menus are not loaded. Authorizations are not received. The values of permissions pulled from the redis appear to be null.
In this case, it would be better if you could share a project that reproduces the problem, and I will check it locally, it will be difficult to check your code in a remote meeting.
liming.ma@volosoft.com
Thanks
hi
We have fixed this in abp&volo8.3.2 and lepton 3.3.2.
hi
Can you try override IPermissionStore in Domain project and get it from DI in your API and AuthServer projects?
https://abp.io/support/questions/8030/IPermissionStore-can%27t-override#answer-3a157857-26ea-3344-dee9-0d9807a137fd
I think this may be some problem with your application, if you can reproduce in a template project you can share it, I will check again.
