Activities of "Yaduraj.Shakti"

Hi @maliming

Thank you for your response.

in this case how can I schedule Background job to run on monthly basis on a specific time such as EOD (I am bound to not use hangfire or any other lib as of now). Please can you come up with an example?

Thanks!

We want to send a monthly report to end users from our application (microservice) and want to use background Jobs. Please can you share how to set a CRON or schedule without using Hangfire or any other library.

Also suggest if there are other ways for this use-case. Thanks

https://docs.abp.io/en/abp/latest/Background-Jobs

• ABP Framework version: v7.2.2
• UI Type: Angularr
• Database System: EF Core (PostgreSQL)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
• Exception message and full stack trace:

Thank you for the quick response.

Abp Nuget is down. Unable to restore from https://nuget.abp.io/

• ABP Framework version: vX.X.X
• UI Type: Angular / MVC / Blazor WASM / Blazor Server
• Database System: EF Core (SQL Server, Oracle, MySQL, PostgreSQL, etc..) / MongoDB
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
• Exception message and full stack trace:
• Steps to reproduce the issue:

Thanks again,

What exactly we can implement using those links? can you please explain or give a sample?

Thanks @mailiming,

In this case, for every new client, I would need to make changes in Middleware correct? What are some other option adhering to best practices. For example, Multiple authentication schemes, multiple clients for Identity server

We've set up an External API that's meant for a specific client or consumer. This client will be using Token-based authentication to access the API (either through a Controller or an AppService). However, we want to restrict their access only to this particular API and prevent them from accessing any of our other APIs.

The issue we're facing is that some of our controllers or AppServices don't have the [Authorize] attribute, and we need to protect those by requiring a token. Currently, if we generate a token, we can access these endpoints without proper authorization. We can't solve this using permissions because it requires us to decorate methods with Authorize("permission").

For instance, we generate a token from the endpoint: https://our-IdentityServer.com/connect/token using the default JWT Scheme. The parameters include:

grant_type: password scope: Microservice1, Microservice2, Microservice3, and so on client_id: App1 client_secret: xyz123 username: ExternalUser password: Test1234

Important: The token generate for client should not be able to access any of other restricted non-restricted (without [Autthorize] services) APIs of the system.

• ABP Framework version: v7.4.0
• UI Type: Angular
• Database System: EF Core/ PostgreSQL
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
• Exception message and full stack trace:
• Steps to reproduce the issue:

Currently there are no limits on number of attempts that could be made to this functionality which creates risk of brute force. Do we have any existing validations or feature to protect such attacks in abp.io?

• ABP Framework version: v7.2.2
• UI Type: Angularr
• Database System: EF Core (PostgreSQL)
• Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
• Exception message and full stack trace:

Great, Thank you so much for the quick help.

Hi @liangshiwei

We have created a CustomTenantAppService

public class CustomTenantAppService : ApplicationService, ITenantAppService { //Some code here to return tenant related data }

DO we need to apply same [Authorize(SaasHostPermissions.Tenants.Default] in this class?