Okay, thank you for your help.
In my scenario, two-factor authentication (2FA) is turned off in the MVC host application, but the settings menu continues to show up in the Angular frontend.
Thanks.
Clients have reported that the SessionStateService frequently fails to retrieve the correct tenant information in new web environments or incognito mode. Our tests confirm this issue. Has there been any solution to this problem yet?
[maliming] said: hi
You can use same authserver and api domain for different domains angular apps.
The current error is from angular.
Can you make your angular home component doesn’t require authorization?
Which means I have to click login button in angular website then redirect to authserver.
Thanks.
How can I configure it so that the tenant app does not display the tenant switching feature when redirecting to the authserver?
import { AuthService } from '@abp/ng.core';
import { Component, inject } from '@angular/core';
import { Router } from '@angular/router';
@Component({
standalone: false,
selector: 'app-home',
templateUrl: './home.component.html',
styleUrls: ['./home.component.scss'],
})
export class HomeComponent {
private router = inject(Router);
get hasLoggedIn(): boolean {
return this.authService.isAuthenticated;
}
constructor(private authService: AuthService) {
// if (this.hasLoggedIn) {
// this.goDashboard();
// }
// else {
// this.login();
// }
}
login() {
this.authService.navigateToLogin();
}
goDashboard() {
this.router.navigate([`/dashboard`]);
}
}
Why can't we do it this way?
You're right. I removed the following code, and now the login works fine—manually going to the dashboard works as expected. https://imm.koimpact.tw/dashboard
However, for my tenant Angular app, how should it reach the auth server with tenant identification? Currently, it can switch tenants, which is not the result we want.
[maliming] said: hi
You can use same authserver and api domain for different domains angular apps.
The current error is from angular.
Can you make your angular home component doesn’t require authorization?
Which means I have to click login button in angular website then redirect to authserver.
Thanks.
It will have to wait until I release a new version. Thank you.
Option 1 (Preferred Approach) For all tenants:
Auth Server: https://auth.koimpact.tw/
API: https://api.koimpact.tw/
For each tenant's Angular app:
https://{0}-app.koimpact.tw/
Option 2 For each tenant:
Auth Server: https://{0}-auth.koimpact.tw/
API: https://{0}-api.koimpact.tw/
Angular App: https://{0}-app.koimpact.tw/
Question: Are both of these options feasible, or is only Option 2 possible?
[maliming] said: hi
Auth Server: Configured as https://imm-auth.koimpact.tw/ API Endpoint: Configured as https://imm-api.koimpact.tw/
Is the
immthe tenant's name?If you have a new tenant
testAuth Server: Configured as https://test-auth.koimpact.tw/ API Endpoint: Configured as https://test-api.koimpact.tw/
Is the imm the tenant's name?
Yes.
So, we cannot have multiple tenants pointing to the same auth server (e.g., auth.koimpact.tw)? Instead, does each tenant require its own dedicated configuration, like:
https://{0}-auth.koimpact.tw/
https://{0}-api.koimpact.tw/
And is this configured via:
csharp
Configure<AbpTenantResolveOptions>(options =>
{
options.AddDomainTenantResolver(configuration["TenantDomain"]);
});
Is that correct?
