Hi, did you check this thread, it seems it's same with your question?
Hey, okay great!
Is it in any release notes? I couldnt find any info on this subject. But good to know!
Thank you!
Hi, for the pro-releases we share their PR description in our website: https://abp.io/pro-releases
Here is the related PR: https://abp.io/pro-releases/pr/18919
Hi, first of all, thanks for the detailed explanation.
I know that I cannot delete cookie from another domain. So do you have any solution to forget selected tenant. I only need to do this for tenants which are not using local login.
You're correct: cross-domain cookies cannot be deleted by client-side code running on a different domain. Since the __tenant cookie is set on auth.application-test.ab.app, deleting it from application-test.ab.app has no effect.
For the solution, these are what came to my mind:
To fully clear the tenant cookie, you can redirect the user to the auth-server logout endpoint. After logout, redirect them to the login page and they can select a tenant again, or login as a host user (if they can).
If the first option is not applicable to you, then you may customize your auth-server's login logic to check if the __tenant cookie is present and then implement a tenant selection page?
The first approach is definitely, easier than the second one, if it's applicable for you, I suggest to go with the first option.
Regards.
Hi @batuhankara,
I just started using session management with openiddict, now everything looks ok. but when I enabled LogoutFromSameTypeDevices I find that all session has same Device on DB (AbpSessions) so I wonder why and how to control what value is passed to db
There is a class called OpenIddictCreateIdentitySession (handles the ProcessSignIn event of OpenIddict module), which gets the randomly generated sessionId and stores it in the database.
When you enable the LogoutFromSameTypeDevices option, then the IdentitySessionManager kicks in and revokes the other device sessions and removes them from the database and cache.
second question is it possible to make custom rule about it? for example if client is Web only 1 login allowed, if client is "Mobile" you can 5 or unlimited token etc. ?
Currently, we don't provide such an option. There are only three options: Disabled, LogoutFromSameTypeDevices and LogoutFromAllDevices. For custom scenarios, you should override the code and implement it yourself. If you want to customize, then you can refer to the How it works? section in the documentation and update the relevant places.
Regards.
Hi, yes, this is expected behavior. We made some design enhancements to Account Pages, and this is one of these enhancements. Along with the UI changes, this was one of the core implementation points. We require email verification before setting two-factor authentication because sthe ystem checks all 2fa providers in the background.
Regards.
Hi, it seems this question is similar to a previous question that you asked. So, please check this answer first, and if you have further question then I can assist you.
Regards.
Hi, unfortunately, while creating a solution template, there is no default way for that. You can create an Angular application, with public web (MVC/Razor Pages) application.
But, if you want then you can add a new web application through ABP Studio UI. Refer to https://abp.io/docs/latest/studio/solution-explorer#adding-a-new-empty-module
You basically need to right-click and add a web application after creating the solution, so you can have angular, mvc/razor for backend, and for back office application (mvc/razor pages).
Regards.
i mean if we created our project .net core and mvc as ui can we by any way show added page by mvc cms kit pro in angular ? and can we mix .net core and mvc and angular ?
We have a view component for each feature and render it on the page. For example, if you want to use Page Feedback System, then there is a view component named PageFeedbackViewComponent and you render the related view component on the relevant page.
So, if you want to show it in your angular UI, then you should create a controller, return the view component result and then send a request to the relevant endpoint and show it to your angular UI. But, we don't provide such a way by default, so you need to apply these steps and implement them yourself.
Regards.
Thanks, that should do the trick. I had an idea that customizing one of the templates would be necessary but for some reason I couldn't seem to isolate which one to edit.
Yes, this is one thing that we should enhance. It's hard to find the templates, I've created an internal issue for that.
Hello, I have the same issue. Bitdefender is blocking it.
Is there any update on this issue?
Thanks for reporting. We will check the DLL and let you know.
