Open Closed

Angular Passwordless #6240


User avatar
0
Payoff created

We are trying to implement the Passwordless solution, following the guidelines provided at https://community.abp.io/posts/implementing-passwordless-authentication-with-asp.net-core-identity-c25l8koj. However, the solution is for MVC, and we have revised it to work with Angular. The issue is with the login, which, instead of doing this (not works with angular): `

        public virtual async Task<IActionResult> Login(string token, string userId)
        {
            var user = await UserManager.FindByIdAsync(userId);

            var isValid = await UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token);
            if (!isValid)
            {
                throw new UnauthorizedAccessException("The token " + token + " is not valid for the user " + userId);
            }

            await UserManager.UpdateSecurityStampAsync(user);
            await SignInManager.SignInAsync(user, isPersistent: false);
            return Redirect("/");
        }

` should obtain an authorization token or something similar. Can you provide us with the code to generate the authentication and enable the login? Thank you.

ABP Framework version: v7.4.2
UI Type: Angular
Database System: EF Core (PostgreSQL)
Integrated OpenIddict Auth Server with Angular

3 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Angular uses oAuth2 as an authentication method, You should not do this. It breaks the design.

  • User Avatar
    0
    Payoff created

    I understand, but I also know that real-world applications often use Passwordless authentication with Angular. The first step involves creating a passwordless token and sending it via email, allowing the user to input it on the login page. We have already accomplished this. Now, I believe the next step is to create an authorization token to send back to the Angular application for use, provided that the token is correct. If the bearer token was created by OpenIddict, it should be recognized. Does that sound good to you? If so, how can I obtain a token on the server side within the app service so that I can send it back to the client?

    Thanks Michele

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can add a new grand type to implement the passwordless.

    
    var token = await UserManager.GenerateUserTokenAsync(adminUser,"PasswordlessLoginProvider","passwordless-auth");
    
    await UserManager.VerifyUserTokenAsync(user,"PasswordlessLoginProvider","passwordless-auth",token);
    

    https://community.abp.io/posts/how-to-add-a-custom-grant-type-in-openiddict.-6v0df94z

Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15