Is there also a possibility to give some information about how can I obtain the TwoFactor option ( Forced / Optional ) from Settings , which can be settled up by admin host account ? ( i try to use ISettingsProvider in overwritten Login.cshtml.cs , to obtain this settings but idk how it is named )
var twoFactorForcedEnabled = await IdentityProTwoFactorManager.IsForcedEnableAsync();
var twoFactorEnabled = await ProfileAppService.GetTwoFactorEnabledAsync();
var tasAuthenticator = await AccountAppService.HasAuthenticatorAsync();
};
Is it possible to attach to the end of the authenticator app configuration process and then for example force user to relogin after he will end the configuration process , and will have to re-authenticate within the configured authenticator app ?
you can override the /Pages/Account/Components/ProfileManagementGroup/TwoFactor/Default.js
Try install Volo.Abp.Http.Client.IdentityModel.Web package and add the module dependency
Hi,
Okay, it seems you also need to filter with the current branch.
I don't recommend that you use the organization unit, It is very different.
you need to implement it yourself to control any details,
Here are some documents for your reference
Hi,
ChatHub is an empty hub class
ABP uses hub context to send messages to clients and uses application service to receive requests from clients
Hi,
You create a new AwsAuditingStore and write nothing.
if you want to save audit logs to the database, you should remove it and add typeof(AbpAuditLoggingEntityFrameworkCoreModule), to your IntegrationServicesTimeCardServiceModule
okay, I see.
ABP supports Authenticator TOTP, but does not force the user to set it when logging in.
https://abp.io/docs/9.0/modules/identity/two-factor-authentication#user-side
You need to implement it yourself. For example, override login page to check If the user has configured Authenticator. Redirect to the configure page if not.
//inject IAccountAppService
protected IAccountAppService AccountAppService;
....
if(!await AccountAppService.HasAuthenticatorAsync())
{
return Redirect("/Account/Manage#Volo-Abp-Account-AuthenticatorApp");
}
You should also add a new middleware to check whether the current user has configured the Authenticator.
I have installed the Volo.Abp.Http.Client.IdentityModel package in the Host module of Service A and configured it in HttpApi.HostModule.cs as outlined in the documentation.
Please share your code and appsettings configuration
Would be great if you could take a look and fix that for upcoming releases.
Okay, we will
Because the 8.2.871 version is a beta version, we will upgrade it after a stable release.
Architecture and Design: How did you design the mapping between a single user and multiple tenants? Are there any specific database structures or entities used to facilitate this?
No, ABP does not support such a feature; each tenant's data is isolated.
Authorization and Role Management: How are roles and permissions handled for a user across different tenants? Does your solution support tenant-specific roles for the same user?
https://abp.io/support/questions/8533/Multi-Tenancy--one-user-instance-to-many-tenants#answer-3a170d88-228d-e716-8690-5fc2e111698a
Based on my previous suggestion, it can't handle the role well, and it still uses the user's own roles, but I think it should use the permissions under the tenant with the same role name(I'm not sure)
Implementation Details: Are there any particular ABP modules or configurations leveraged to achieve this?
No, ABP does not encourage this design. Instead, ABP recommends the use of linked accounts: https://abp.io/docs/latest/modules/account/linkedaccounts
This feature, as showcased in your platform, provides a seamless experience for users managing multiple organizations under one account.
Let me clarify: these users are under the same tenant and belong to different organizational units
