Login flow control #1989 | Support

lalitChougule created 3 years ago

ABP Framework version: v4.3.1
UI type: Angular
DB provider: EF Core
Tiered (MVC) or Identity Server Separated (Angular): yes
Exception message and stack trace:
Steps to reproduce the issue:"

Requirements

When user enters the credentials I just want to validate the credentials, If it is valid I want to show few questionnaire
Once all the questions are answered correctly then I want to actually create token

Current situation

When user enter credentials token is generated. How do I stop this.
Then I redirect user to questionnaire but the fact is user is already logged in. I want to avoid this.
Post my questionnaire user is redirected to dashboard if answered correctly and logout if answers are wrong.

I hope you got my requirements clear. Please suggest me the easiest way to achieve this.

Go to accepted answer

5 Answer(s)

0

alper created 3 years ago
Support Team Director

This is not supported out of the box as the Identity Server changes need to be done. Gettting token is an Identity Server feature, to prevent sending tokens only with username & password, you can customize the Identity Server 4 or you can ask directly to Identity Server contributors https://github.com/IdentityServer/IdentityServer4. Check out https://docs.identityserver.io/en/latest/topics/custom_token_request_validation.html

Sorry but this is a 3rd party question and we have limited support on 3rd party library questions.

lalitChougule created 3 years ago

I was able to validate user credentitals using await _signInManager.CheckPasswordSignInAsync() Now I just want to know below things, This is angular login component code

login(params: LoginParams): Observable<any>; Which backend method is called when the above method is called from angular component ?

May be I can make a wrapper method and call this backend login method in my method once I done with my requirement.

import { Injector } from '@angular/core';
import { Params } from '@angular/router';
import { Observable } from 'rxjs';
import { LoginParams } from '../strategies/auth-flow.strategy';
import * as ɵngcc0 from '@angular/core';
export declare class AuthService {
    protected injector: Injector;
    private strategy;
    get isInternalAuth(): boolean;
    constructor(injector: Injector);
    init(): Promise<any>;
    logout(queryParams?: Params): Observable<any>;
    /**
     * @deprecated Use navigateToLogin method instead. To be deleted in v5.0
     */
    initLogin(): void;
    navigateToLogin(queryParams?: Params): void;
    login(params: LoginParams): Observable<any>;
    static ɵfac: ɵngcc0.ɵɵFactoryDef<AuthService, never>;
}

0

lalitChougule created 3 years ago

@albert Please reply.
0

lalitChougule created 3 years ago

Is there any answer for this question ?
0

bunyamin created 3 years ago

Hello,

AuthService uses this package for authentication.

When you take a look at the AuthService, you will realize it uses one of the two different strategies, Code and Password. Since you want to handle authentication on the angular side, you need to employ Resource Owner Password Flow in your application which is usually just to remove responseType: code from environment.ts

Have an answer to this question? Log in and write your answer.