ABP framework 9, the customize Login page can remove self registration link, how to disable this feature so that swagger API also has no this API (api/account/register)
1 Answer(s)
-
0
To completely disable self-registration in ABP Framework (v9), including removing the registration link from your custom login page and disabling the registration API endpoint (
api/account/register
), follow these steps:Disable Self-Registration in Settings:
- Go to the Settings page in your application (usually
/SettingManagement
). - Set "Allow Self Registration" to
false
. This will hide the registration link on the login page and prevent users from registering themselves via the UI.
- Go to the Settings page in your application (usually
Remove or Hide Registration Link in Custom Login Page:
- If you have a custom login page, ensure you do not render the registration link/button. Typically, the link is shown only if self-registration is enabled:
@if (await SettingProvider.IsTrueAsync(AccountSettingNames.IsSelfRegistrationEnabled)) { // Do NOT render the registration link if self-registration is disabled }
- Disable the Registration API Endpoint:
- To prevent access to the
api/account/register
endpoint, override or remove the related service in your application module. You can do this by replacing theAccountController
or theRegister
method with your own implementation that returns a 404 or 403, or by removing the endpoint entirely if you have the source code. - Alternatively, you can use ABP's authorization system to restrict access:
- To prevent access to the
[Authorize("Never")] public override Task<IdentityUserDto> RegisterAsync(RegisterDto input) { throw new AbpAuthorizationException("Self registration is disabled."); }
- Or, if you are using the Pro module, you can override the relevant service or controller to block registration.
- Swagger UI:
- After disabling the endpoint, it will no longer appear in Swagger if you remove or override it as described above.
Note: Disabling self-registration in settings only hides the UI and disables the API logic, but the endpoint may still be visible in Swagger unless you override or remove it as described.
Sources:
This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.