Open Closed

Login and generate access token in app service #3044


User avatar
0
alin.andersen created

Hey,

we need to perform sign-in in code and then generate an access token (JWT token) for that user, so we can send the token to our mobile app.

Currently we have an AuthenticationAppService which has a login method like this:

    public class AuthenticationService : ApplicationService, IAuthenticationAppService
    {
        private readonly IdentityUserManager _userManager;
        private readonly SignInManager<Volo.Abp.Identity.IdentityUser> _signInManager;
        
        public AuthenticationService(
            IdentityUserManager userManager,
            SignInManager<Volo.Abp.Identity.IdentityUser> signInManager)
        {
            _userManager = userManager;
            _signInManager = signInManager;
        }

        public async Task<LoginResult> LoginAsync(LoginInput input)
        {
            var user = await _userManager.FindByNameAsync(input.Username);

            if (user == null)
            {
                return new LoginResult()
                {
                    Success = false,
                };
            }

            var result = await _signInManager.CheckPasswordSignInAsync(user, input.Password, false);

            if (!result.Succeeded)
            {
                return new LoginResult()
                {
                    Success = false,
                };
            }

            // Generate access token.
            var accessToken = ???;

            return new LoginResult()
            {
                Success = true,
                AccessToken = accessToken,
            };
        }
    }

The sign-in works, but how can we retrieve or generate an access token. We have a tiered solution, so the identity server is in another project.

  • ABP Framework version: v5.2.1
  • UI type: Blazor
  • DB provider: EF Core
  • Tiered (MVC): yes

4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Are you using the Identity Server?

  • User Avatar
    0
    Rajasekhar created

    In My case, I am using identity server. We have this requirement also for generate access_token. Is there any logic for token generation manually

  • User Avatar
    0
    alin.andersen created

    hi

    Are you using the Identity Server?

    Yes we do.

  • User Avatar
    0
    gterdem created
    Senior .NET Developer

    You shouldn't be generating access_token manually in the login process. All of the flows are created because of security reasons.

    In tiered application, your web application is not the Secure Token Server (STS) to grant you the access token. IdentityServer is the STS and you need to get and validate your tokens to IdentityServer.

    That being said, you can make a request to IdentityServer /connect/token endpoint with supported grant types to get access_token.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38