Hello Abp Support team,
We have issue with abp.account.pro
I have project abp v 9.3.6 with multi modules , when i included the source code of Account.pro module by using the abp suite , and it done fine , it replaced all the account packages on the projects to projects reference , but when run the logging it didn't work , i cleared the cookies . I tried to put break point on the login page on OnPostAsync() method but it didn't reach that when logging. I tried to clean and restore and deleted all bin and obj .. there is no error on build or running . but the logging not work it redirect to main page without logging . I created new empty project to just check the issue , but the same .. it didn't work ..
this are the modules that included to project for account
and i attached the logs when press login action
https://drive.google.com/file/d/1E9SChYsA1jp8h1Es98GRCilLVMioCVm6/view?usp=sharing
Please check that
Regards
5 Answer(s)
-
0
- Solution Based on similar internal cases and how Account Pro works when you switch from package to source, the login POST not hitting OnPostAsync and a silent redirect back to the home page almost always means one of the following in the Web host:
- Missing middleware order (authentication/authorization/endpoints)
- Missing MVC ApplicationPart (when module sources are added)
- Mismatched cookie/auth schemes after bringing the module source
- Antiforgery not being posted/validated because the form tag helper or antiforgery cookie isn’t present
Apply and verify these steps in your Web project that hosts the UI (the one that serves /Account/Login):
A) Ensure the required middleware order in Configure pipeline In your Web host (e.g., MyProject.Web), Configure method must include, in this order:
- app.UseAbpRequestLocalization();
- app.UseStaticFiles();
- app.UseRouting();
- app.UseAuthentication();
- app.UseAbpOpenIddictValidation(); // if OpenIddict validation is used in the solution
- app.UseAuthorization();
- app.UseAuditing();
- app.UseUnitOfWork();
- app.UseConfiguredEndpoints();
A missing UseAuthentication/UseAuthorization or UseConfiguredEndpoints will result in POST not reaching the Razor Page handler.
B) Add MVC Application Parts for module source projects When you included Account.Pro source, ensure MVC discovers its pages/controllers:
public override void ConfigureServices(ServiceConfigurationContext context) { Configure<AbpAspNetCoreMvcOptions>(options => { options.ConventionalControllers.Create(typeof(MyProjectWebModule).Assembly); });
// Ensure MVC can locate Razor Pages/Views from module projects context.Services.AddMvc() .AddApplicationPartIfNotExists(typeof(Volo.Abp.Account.Pro.Public.Web.AccountPublicWebModule).Assembly) .AddApplicationPartIfNotExists(typeof(Volo.Abp.Account.Pro.Admin.Web.AccountAdminWebModule).Assembly) .AddControllersAsServices();}
If your module class names differ (due to namespace), add the corresponding Public.Web/Admin.Web assemblies from the Account.Pro source you added. Without these ApplicationParts, routing/view discovery can fail and the POST handler might not be mapped.
C) Verify authentication schemes after source inclusion Account.Pro’s login relies on Identity cookie scheme for local login and IdentityConstants.ExternalScheme for external flows. Ensure you didn’t inadvertently override DefaultScheme/DefaultChallengeScheme in your host. A safe configuration:
public override void ConfigureServices(ServiceConfigurationContext context) { Configure<AuthenticationOptions>(options => { // Do not set DefaultChallengeScheme to OIDC for the whole app unless you know why. // Let AccountPro render external providers and challenge only when selected. });
context.Services.AddAuthentication(); // keep defaults from ABP/Identity}
If you integrate an external provider (OIDC, Azure AD), register it but don’t globally set DefaultChallengeScheme. For OIDC, make sure SignInScheme is IdentityConstants.ExternalScheme:
context.Services.AddAuthentication() .AddOpenIdConnect("oidc", options => { // ... your authority, client id/secret, scopes options.SignInScheme = Microsoft.AspNetCore.Identity.IdentityConstants.ExternalScheme; });
D) Confirm the Razor Page form posts antiforgery
- In your overridden Login.cshtml, the form must be <form method="post"> and should include the antiforgery token. ABP’s tag helpers include this automatically if you use the standard markup copied from the module. Avoid removing it.
E) Check endpoint mapping for Razor Pages If you customized endpoint registration, ensure MapAbpEndpoints (or UseConfiguredEndpoints) is called. If you use endpoint routing explicitly, make sure you have endpoints.MapRazorPages(); or the ABP equivalent.
F) Clear caches and recompile
- Delete bin/obj of all module source projects and Web project.
- Ensure all old Volo.Abp.Account.* package references were replaced by ProjectReference (ABP Suite usually does this).
- Rebuild the solution.
G) Quick diagnostics
- Navigate to /Account/Login and open browser dev tools:
- Ensure there is a RequestVerificationToken cookie and a hidden __RequestVerificationToken input in the form.
- When clicking Login, verify the request is POST /Account/Login with status 302 only after your OnPostAsync runs. If you get 302 immediately and your breakpoint doesn’t hit, routing/middleware ordering or ApplicationPart is missing.
- Enable detailed logs for Microsoft.AspNetCore.Routing and Microsoft.AspNetCore.Mvc.RazorPages to see whether the page handler is discovered.
If you also enabled “External Logins” using Account Pro settings and you recently upgraded, and you still get silent redirects, check your AbpUserLogins table for duplicated or stale IdentityUserLogin entries. Clearing conflicting entries fixed a similar issue after upgrades in another case.
- Sources
- https://abp.io/docs/latest/modules/account-pro
- https://docs.abp.io/en/abp/latest/Modules/Account
- https://github.com/abpframework/abp
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
This is my status .. When clicking Login, verify the request is POST /Account/Login with status 302 only after your OnPostAsync runs. If you get 302 immediately and your breakpoint doesn’t hit, routing/middleware ordering or ApplicationPart is missing.
the ordering for routing/middleware is correct ..
but the section of add ApplicationPart is for old version i think .. my abp version is 9.3.6 what the right code for add Application Part -
0
- Solution In ABP 9.x you still add MVC Application Parts when you include a module from source, but you should use the ABP-provided extension AddApplicationPartIfNotExists on IMvcBuilder. You typically place it in your WebModule’s ConfigureServices.
Example for Account Pro (Public + Admin Web) on v9.3.6:
using Microsoft.Extensions.DependencyInjection; using Volo.Abp.AspNetCore.Mvc; // for AddApplicationPartIfNotExists using Volo.Abp.Modularity; using Volo.Abp.Account.Pro.Public.Web; using Volo.Abp.Account.Pro.Admin.Web; [DependsOn( typeof(AccountPublicWebModule), typeof(AccountAdminWebModule) )] public class MyProjectWebModule : AbpModule { public override void ConfigureServices(ServiceConfigurationContext context) { // Ensure MVC can discover Razor Pages/Views/Controllers from the module source projects context.Services .AddMvc() .AddApplicationPartIfNotExists(typeof(AccountPublicWebModule).Assembly) .AddApplicationPartIfNotExists(typeof(AccountAdminWebModule).Assembly); // If you also have HttpApi Controllers from module source, keep conventional controllers: Configure<AbpAspNetCoreMvcOptions>(options => { options.ConventionalControllers.Create(typeof(MyProjectWebModule).Assembly); }); } }Notes:
- The important piece is AddMvc().AddApplicationPartIfNotExists(assembly).
- Use the actual module types from the source projects you added (e.g., AccountPublicWebModule, AccountAdminWebModule). Namespaces are Volo.Abp.Account.Pro.Public.Web and Volo.Abp.Account.Pro.Admin.Web.
- Keep the standard ABP middleware order in Program/Startup and call app.UseConfiguredEndpoints() so Razor Pages endpoints are mapped.
If your host only uses the Public Web part, you can omit the Admin one and keep only AccountPublicWebModule’s assembly in AddApplicationPartIfNotExists.
- Sources
- https://abp.io/docs/latest/modules/account-pro
- https://abp.io/docs/latest/framework/architecture/modularity/basics
- https://github.com/abpframework/abp
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.
-
0
still not work with me.. can you please check
-
0
maybe after you add the souce-code account website has different port?
