Activities of "maliming"
Code flow:
- angular click login and redirect to auth server website.
- auth server logged a user and generate a
codeand redirected to angular(localhost:4200?code=xxx) - angular uses the code to request
connect/tokento get access_token and id_token. - angular uses the token to call API
- angular click log out and make a request to tell the auth server to revoke the access token.
The above is the right way. This is the oauth2 protocol and you cannot change it
https://developer.okta.com/blog/2018/04/10/oauth-authorization-code-grant-type
hi
You are breaking the oauth flow, which means you are going the wrong way.
You have to follow the process to pass the code to angular app. There is no other way other than that.
Abp's template project uses the standard oauth2 process to authenticate for angular. You may consider following this approach instead of your custom authentication.
Yes, You can use local filesystem as document source.
If you need to overwrite the Login page I can share the source code of this page with you. Which version do you need?
I'm a little confused. Do you change the permissions from the UI page(via code) or directly in the database?
If you change the permission from the UI page, the framework will clear the cache automatically, which means you don't need the extra code.
This is correct flow:
- request to authserver project
- authserver check the user and redirect to angular(localhost:4200) with the code
- angular use the code to get tokens.
You have to give the code to angular app. this is standard Oauth2 code flow to let the angular get token from authserver.
hi
Please try to create a number release.(1.0.0)
Will it directly pull from the git in runtime.
It will use caching, but you can force it to get the latest from Github in the project page.
In such case if im hosting my application in OnPrem deployment, where application maynot have access to internet, what could i do ?
I don't know about the OnPrem deployment
If you use Github as document source, your app must access the Github.com
hi
Can you share your project to liming.ma@volosoft.com ?
I will download and check it.
Thanks.
https://github.com/abpframework/abp/pull/21189/
hi
1 and 2 make http requests to auth server and redirect to angular(3, 4)
Your angular doesn't get the tokens.
The code flow should return the code to the angular app. and angular will use code to get tokens.
