- ABP Framework version: v6.0.0
- UI Type: Angular
- Database System: EF Core (SQL Server)
- Tiered (for MVC) or Auth Server Separated (for Angular): yes/no
- Exception message and full stack trace:
- Steps to reproduce the issue:
Hi, I am trying to implement a restore session in my angular application, need to say that it is an electron app with angular, all the application is working fine if I login using the normal flow for the authentication, but if I try to restore the session values (local storage), then initiate the app looks like the session is restored (I can call all the services inside without any issue with the same token) but I am facing a permissions problem, I believe is related to abp permissions or some facets inside the abp angular implementation, because it is not getting access to the resources of the application, I assuming in the normal flow when I logging using oauth2 something in abp framework is being called to allow permissions to the assets and resources, which is not the case in this interaction because the normal flow on the login is not happening in this case. Take a look the following image:
In another test I did, using an admin user that has access to different tenants, if I try to select a different tenant then the application is refreshed allowing access again to the assets and resources. Obviously this is not happening with a regular using that doesn't have the impersonation permission.
So in short, just need to know if there exists a way in abp to run by code the refresh of the app.
Thanks in advance.
3 Answer(s)
-
0
Hello,
ABP does not use Session related services by default but uses claims-based authentication and authorization. please read more here https://learn.microsoft.com/en-us/aspnet/core/security/authentication/?view=aspnetcore-7.0#authentication-concepts
Just FYI, ABP itself doesn't directly provide a "Session Management" module as a standalone feature, it's likely that it leverages the session management capabilities provided by the underlying ASP.NET Core framework.
I think you need to refresh the permissions and for that you may check similar issue https://support.abp.io/QA/Questions/5490/Need-to-refresh-the-list-of-static-permission-definitions-without-site-reload
And the way you are asking to refresh the application ABP uses Refresh token flow , please read more here https://docs.abp.io/en/commercial/7.4/modules/openiddict#refresh-token I hope you find this information helpful.
thanks
-
0
Thanks for the info, I have more clarification on some things, an additional point that I missed is, the functionality I need to add requires some functionality in offline mode, basically the electron app will be working without network (internet) connection, thats why I asked if the angular abp module has something related to apply permissions, due mostly the authentication works together with .NET Core Auth Server in order to get the credentials, I wondering If I will be able to develop an offline functionality to my app, using my last
access_tokenacquired through login flow and using it to apply permissions according to the claims inside that token. -
0
I am not sure but
refreshAppStatemethod ofConfigStateServicemight be usefull for your case, could you try?By the way i didn't understand your case fully how can you make request without network (i mean in offline mode)?
