Open Closed

Forcing external Login for certain actions #9918


User avatar
0
papusa created

Hi, This is a continuation of my previous ticket.

In my application, some actions should only be allowed when the user is authenticated via BankID (external login). I’m looking for a way to force a user to log in with a specific provider. So far, the only approach I found is overriding the LoginModel. While it works, it feels like a hack and may not be the recommended way.

navigateToBankIdLogin(){
    this.authService.navigateToLogin({
      prompt: 'login',
      bankid: true
    });
  }
[ExposeServices(typeof(Volo.Abp.Account.Public.Web.Pages.Account.LoginModel))]
public class LoginModel : Volo.Abp.Account.Public.Web.Pages.Account.LoginModel
{
    public LoginModel(IAuthenticationSchemeProvider schemeProvider,
        IOptions<AbpAccountOptions> accountOptions, IAbpRecaptchaValidatorFactory recaptchaValidatorFactory,
        IAccountExternalProviderAppService accountExternalProviderAppService,
        ICurrentPrincipalAccessor currentPrincipalAccessor, IOptions<IdentityOptions> identityOptions,
        IOptionsSnapshot<reCAPTCHAOptions> reCaptchaOptions) : base(schemeProvider, accountOptions,
        recaptchaValidatorFactory, accountExternalProviderAppService, currentPrincipalAccessor, identityOptions,
        reCaptchaOptions)
    {
    }

    public override Task<IActionResult> OnGetAsync()
    {
        return ShouldForceBankIdLogin()
            ? base.OnPostExternalLogin(MachineRegistryConsts.BankIdLoginProviderName)
            : base.OnGetAsync();
    }

    private bool ShouldForceBankIdLogin()
    {
        if (ReturnUrl.IsNullOrEmpty())
        {
            return false;
        }
        
        var decodedReturnUrl = HttpUtility.UrlDecode(ReturnUrl);
        return decodedReturnUrl.Split("&").Any(p => p.Equals("bankid=true", StringComparison.OrdinalIgnoreCase));
    }
}

Additionally, there’s a UI/flow issue: I have to click the login button twice before the user is navigated to the BankID login, even though the prompt is set to 'login'. Bellow is a gif showing the issue: Could you advise on the recommended ABP way to enforce external login for specific actions and/or address the double-click issue?


3 Answer(s)
  • User Avatar
    0
    AI-Bot created
    Support Team ABP Agent

    To enforce external login (e.g., BankID) for specific actions in ABP, the recommended approach is to customize the login flow by overriding the LoginModel and the login page, as you have done. This is the standard and supported way in ABP to control authentication logic, since the login UI and logic are encapsulated in the Account module and can be overridden as needed.

    Recommended Approach

    1. Override the LoginModel:
      By overriding the OnGetAsync method in your custom LoginModel, you can check for a specific query parameter (e.g., bankid=true) and trigger the external login flow for BankID. This is the correct extensibility point provided by ABP.
    [ExposeServices(typeof(Volo.Abp.Account.Public.Web.Pages.Account.LoginModel))]
       public class LoginModel : Volo.Abp.Account.Public.Web.Pages.Account.LoginModel
       {
           // ... constructor ...
    
           public override Task<IActionResult> OnGetAsync()
           {
               return ShouldForceBankIdLogin()
                   ? base.OnPostExternalLogin(MachineRegistryConsts.BankIdLoginProviderName)
                   : base.OnGetAsync();
           }
    
           private bool ShouldForceBankIdLogin()
           {
               if (ReturnUrl.IsNullOrEmpty())
               {
                   return false;
               }
               var decodedReturnUrl = HttpUtility.UrlDecode(ReturnUrl);
               return decodedReturnUrl.Split("&").Any(p => p.Equals("bankid=true", StringComparison.OrdinalIgnoreCase));
           }
       }
    
    1. Angular UI Trigger:
      On the Angular side, you can navigate to the login page with the required query parameter to force BankID login:
    navigateToBankIdLogin() {
         this.authService.navigateToLogin({
           prompt: 'login',
           bankid: true
         });
       }
    

    Double-Click Issue

    The double-click issue is likely due to the login page being loaded first, and then the external login being triggered on the next navigation. This happens because the first navigation loads the login page, and only after the OnGetAsync logic runs does it redirect to the external provider.

    How to Improve

    • You can optimize the user experience by directly navigating to the external login endpoint from Angular, bypassing the intermediate login page. This can be done by constructing the external login URL and redirecting the user to it when BankID is required.
    • Alternatively, you can keep your current approach, as it is the officially supported extensibility point in ABP for customizing login logic.

    Summary

    • Overriding the LoginModel is the recommended and supported way in ABP to enforce external login for specific actions.
    • The double navigation is a side effect of the login page lifecycle; to avoid it, consider redirecting directly to the external login endpoint from the client.
    • There is no built-in ABP feature to "force" a specific provider without customizing the login logic as you have done.

    Sources


    This response was generated by AI. If it didn’t solve your problem, feel free to post a new answer — our support team will jump in to help you soon.

  • User Avatar
    0
    papusa created

    Hah, the AI-bot just copy-pasted my own code.

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    The ShouldForceBankIdLogin method has no problem. You can use that way.

    I have to click the login button twice before the user is navigated to the BankID login, even though the prompt is set to 'login'. Bellow is a gif showing the issue

    Can you share a GIF and the har file of all requests?

    https://abp.io/support/questions/8622/How-to-enable-Debug-logs-for-troubleshoot-problems#answer-3a1a1c4b-691e-3403-98b9-5f23fa024759

    Thanks

Boost Your Development
ABP Live Training
Packages
See Trainings
Mastering ABP Framework Book
The Official Guide
Mastering
ABP Framework
Learn More
Mastering ABP Framework Book
Made with ❤️ on ABP v10.0.0-preview. Updated on September 22, 2025, 10:12