Activities of "nlachmuthDev"

Hello,

i would sugggest you to update to abp 8.0. There has been a lot of improvements how to work with NoTracking using the abp repositories.

Checkout the blog post for 8.0: https://blog.abp.io/abp/announcing-abp-8-0-release-candidate IReadonlyRepository now defaultly use EfCores NoTracking feature.

Kind regards Nico

Hi,

these tables belong to some optional modules. You can remove the modules for your applications and after that these tables wont be created.

Let me list the modules these tables belong to:

1. Multi-Tenancy/SaaS Module: SaasTenants SaasTenantConnectionStrings SaasEditions

2. Payment Module: PayPlans PayPaymentRequests PayPaymentRequestProducts PayGatewayPlans

3. Grpd Module: GdprInfo GdprRequests

4. Chat Module: ChatConversations ChatMessages ChatUserMessages ChatUsers

If you dont need these modules remove the dependencies from your projects and remove any references to them.

Hi Bunty,

to achieve your goal to assign applications or scopes to users or roles you would need to implement a couple of custom components:

1. An entity to store the assignments of users/roles to applications/scopes
2. A domain manager to managing this entity
3. A customer application service for crud operations for these assignments
4. Custom ui for assigning users/roles to applications

With these points you just have the assignments. This wont affect any authentication flows or the applications shown on the Index-Page of the auth server.

To hide the applications, a user is not assigned to, on the Index-Page you would need to change the Index.cshtml logic to use your custom assignments and filter out applications not permitted to the user. The user would still be able to access the applications if he has the URLs.

If you really want to customize the signin flow for your applications you could override the SignInManager in the AuthServer Project and check if the user has access to the requested application by looking for an assignment to the application with your custom entity. Here is an example how to customize: https://github.com/abpframework/abp/blob/a1f521d5bf02ee54f2ee285cfdf54bd70b94d9e8/docs/en/Community-Articles/2020-04-19-Customize-the-SignIn-Manager/POST.md#L9 But as gterdem already stated: Authentication flows are standards and shouldn't be altered.

Hope this helps you.

Kind Regards Nico

There is no setting to disable the email confirmation during user registration.

If you want to disable the sending of the email confirmation you would need to override the AccountAppService and overide the RegisterAsync-Method like this:

public override async Task<IdentityUserDto> RegisterAsync(RegisterDto input)
{
    await CheckSelfRegistrationAsync();

    if (await UseCaptchaOnRegistration())
    {
        var reCaptchaValidator = await RecaptchaValidatorFactory.CreateAsync();
        await reCaptchaValidator.ValidateAsync(input.CaptchaResponse);
    }

    await IdentityOptions.SetAsync();

    var user = new IdentityUser(GuidGenerator.Create(), input.UserName, input.EmailAddress, CurrentTenant.Id);

    input.MapExtraPropertiesTo(user);

    (await UserManager.CreateAsync(user, input.Password)).CheckErrors();
    (await UserManager.AddDefaultRolesAsync(user)).CheckErrors();
    
    //disable sending email confirmation mail for registrations
    //if (!user.EmailConfirmed)
    //{
    //    await SendEmailConfirmationTokenAsync(user, input.AppName, input.ReturnUrl, input.ReturnUrlHash);
    //}

    return ObjectMapper.Map<IdentityUser, IdentityUserDto>(user);
}

The customer made the following changes that resulted into the app starting now in azure:

• the first was the change to include the call to the AddEncryptionCertificate
• the second was I had failed to change the URLs for the SelfURL and Authority settings in the appsettings.production.json file.

Ok send me an invitation of to a zoom/teams/google meet call when you have time. Here is my e-mail: nico@chrobyte.de

Please send the invitation +- 30 mins before start, so there is some puffer for me. Thanks :)

The logs you provided show that the system cannot send mails. Please verify that the smtp settings are configured correctly.

Hi there,

sorry but there is no way to fetch all the packages.

As stated here, the nuget feeds for abp are based on a custom implementation. Listing all available packages does not work and its not planned to implement that feature.

I refunded your question.

Try it with also setting the variable WEBSITE_LOAD_USER_PROFILE=1.

If this still not works we can make a meeting so i can have a deep look into your project and the azure web service.

Ok i found out that the issue is only related to windows app services. Can reproduce it on a fresh f1 windows app service. You could try to add an application setting entry "WEBSITE_LOAD_USER_PROFILE" with the value 1 to your app service.

Here is the stackoverflow question i found in regards to azure web apps and x509 certs: https://stackoverflow.com/questions/66367406/cngkey-system-security-cryptography-cryptographicexception-the-system-cannot-fin

If the WEBSITE_LOAD_USER_PROFILE still not works you could try setting WEBSITE_LOAD_CERTIFICATES to some random value. There where some comments that this would only work for non shared web apps.

For the f1 plan i used to test it, this stackoverflow was really helpful: https://stackoverflow.com/questions/9951729/x509certificate-constructor-exception/10048789#10048789

Long story short, adding the MachineKeySet-StoreFlag to the constructor of the cert should fix the issue for you:

 private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv, IConfiguration configuration)
    {
        var fileName = "authserver.pfx";
        var passPhrase = "2D7AA457-5D33-48D6-936F-C48E5EF468ED";
        var file = Path.Combine(hostingEnv.ContentRootPath, fileName);

        if (!File.Exists(file))
        {
            throw new FileNotFoundException($"Signing Certificate couldn't found: {file}");
        }

        return new X509Certificate2(file, passPhrase, X509KeyStorageFlags.MachineKeySet);
    }