The issue was related to HTTPS communication and digital certificates. Our API module had its requests rejected by the AuthServer module due to missing SSL certificates. We resolved this by setting up a reverse proxy with Nginx, creating domains and subdomains in Cloudflare, and deploying an AWS EC2 instance.
When using Nginx as a reverse proxy for abp.io, it’s important to enable support for underscores in headers, since some headers used by Abp.io contain underscores. This can be done by adding the following directive:
underscores_in_headers on;
With this configuration, our token-related issues were resolved. Thank you for your help.
Good afternoon, we were not able to solve the problem with the AI-Bot solutions.
ABP version: 9.0.0 .Net version: 9.0.304 Node.js: 22.17.1 TypeScript: 5.3.3 Angular Version: 17.3.12
Good morning, the main problem is that we can not login via angular interface at the address https://localhost:44380/account/login?returnUrl=%2Fofertas-abertas. The tokens are cleaned after login and we get redirected back to login page. We get no errors. We are using a layered application with a separate service for authserver running at https://localhost:44334. Our API is running at https://localhost:44354. We have generate our certificates using the following code:
dotnet dev-certs https --trust
dotnet dev-certs https -ep ./localhost.pfx -p <password>
openssl pkcs12 -in localhost.pfx -nocerts -nodes -out localhost.key -passin pass: <password>
openssl pkcs12 -in localhost.pfx -clcerts -nokeys -out localhost.crt -passin pass: <password>
We are using a docker compose file:
services:
cargo_fleet-angular:
image: cargo_fleet-angular:latest
container_name: cargo_fleet-angular
build:
context: ../../../
dockerfile: angular/Dockerfile
args:
- build_env=${build_env}
ports:
- "44380:443"
depends_on:
- cargo_fleet-api
- cargo_fleet-authserver
networks:
- abp-network
volumes:
- ./certs:/etc/ssl/cargofleet
- ./dynamic-env.json:/usr/share/nginx/html/dynamic-env.json
cargo_fleet-api:
image: cargo_fleet-api:latest
container_name: cargo_fleet-api
hostname: cargo_fleet-api
build:
context: ../../
dockerfile: src/cargo_fleet.HttpApi.Host/Dockerfile
environment:
- ASPNETCORE_URLS=https://+:443;http://+:80;
- Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx
- Kestrel__Certificates__Default__Password=<password>
- App__SelfUrl=https://localhost:44354
- App__AngularUrl=https://localhost:44380
- App__CorsOrigins=https://localhost:44380,https://localhost:44334,https://localhost:44354
- App__HealthCheckUrl=https://cargo_fleet-api/health-status
- AuthServer__RequireHttpsMetadata=false
- AuthServer__Authority=https://localhost:44334
- AuthServer__MetaAddress=https://localhost:44334
- ConnectionStrings__Default=Server=postgres;Port=5432;Database=cargo_fleet;User Id=postgres;Password=root;
- Redis__Configuration=redis
- AbpLicenseCode=<license-code>
ports:
- "44354:443"
redis:
condition: service_healthy
restart: on-failure
volumes:
- ./certs:/root/certificate
networks:
- abp-network
cargo_fleet-authserver:
image: cargo_fleet-authserver:latest
container_name: cargo_fleet-authserver
build:
context: ../../
dockerfile: src/cargo_fleet.AuthServer/Dockerfile
environment:
- ASPNETCORE_URLS=https://+:443;http://+:80;
- App__SelfUrl=https://localhost:44334
- App__CorsOrigins=https://localhost:44380,https://localhost:44334,https://localhost:44354
- App__AngularUrl=https://localhost:44380
- AuthServer__RequireHttpsMetadata=false
- AuthServer__Authority=https://localhost:44334
- Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx
- Kestrel__Certificates__Default__Password=<password>
- ConnectionStrings__Default=Server=postgres;Port=5432;Database=cargo_fleet;User Id=postgres;Password=root;
- Redis__Configuration=redis
- AbpLicenseCode=<license-code>
ports:
- "44334:443"
redis:
condition: service_healthy
restart: on-failure
volumes:
- ./certs:/root/certificate
networks:
- abp-network
db-migrator:
image: cargo_fleet-db-migrator:latest
container_name: db-migrator
build:
context: ../../
dockerfile: src/cargo_fleet.DbMigrator/Dockerfile
environment:
- OpenIddict__Applications__cargo_fleet_App__RootUrl=https://localhost:44380
- OpenIddict__Applications__cargo_fleet_Swagger__RootUrl=https://localhost:44354
- ConnectionStrings__Default=Server=postgres;Port=5432;Database=cargo_fleet;User Id=postgres;Password=root;
- Redis__Configuration=redis
restart: on-failure
networks:
- abp-network
redis:
container_name: redis
image: redis:alpine
ports:
- "6379:6379"
networks:
- abp-network
healthcheck:
test: ["CMD", "redis-cli","ping"]
postgres:
image: postgres:latest
container_name: postgres
restart: always
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: root
POSTGRES_DB: cargo_fleet
ports:
- "5432:5432"
volumes:
- postgres_data:/var/lib/postgresql/data
networks:
- abp-network
volumes:
sqldata:
name: cargo_fleet_sqldata
postgres_data:
networks:
abp-network:
name: cargo_fleet-network
driver: bridge
We are using dynamic-env.json as well:
{
"production": true,
"application": {
"baseUrl": "https://localhost:44380",
"name": "cargo_fleet"
},
"oAuthConfig": {
"issuer": "https://localhost:44334/",
"redirectUri": "https://localhost:44380",
"clientId": "cargo_fleet_App",
"dummyClientSecret": "",
"scope": "offline_access cargo_fleet",
"requireHttps": true,
"IsSelfRegistrationEnabled": false
},
"apis": {
"default": {
"url": "https://localhost:44354",
"rootNamespace": "cargo_fleet"
},
"AbpAccountPublic": {
"url": "https://localhost:44334/",
"rootNamespace": "AbpAccountPublic"
}
},
"firebaseConfig": {
"apiKey":<firebase-api-key>,
"authDomain": <firebase-auth-domain>,
"projectId": <firebase-id>
"storageBucket": <storage-bucket>
"messagingSenderId": <message-sender-id>
"appId": <app-id>,
"measurementId": <measurement-id>
},
"vapidKey": <vapid-key>
}
Our environment.prod.ts:
(...)
remoteEnv: {
url: '/getEnvConfig',
mergeStrategy: 'overwrite' }
} as Environment;
