Activities of "Priyanka"

All Question Answer
Newest Oldest
Prevent concurrent login in different browsers #6127
Answer

Hi,

So, preventing concurrent logins from different browsers is working now but the previous browser did not redirect to the login page

You can redirect:

if (httpContext.User.Identity != null && httpContext.User.Identity.AuthenticationType == "Identity.Application") 
{ 
    await httpContext.RequestServices.GetRequiredService<AbpSignInManager>().SignOutAsync(); 
    //await httpContext.ChallengeAsync("Identity.Application"); 
     
    var redirectUrl = "..."; 
    httpContext.Response.Redirect(redirectUrl); 
    return; 
}

I tried this but it is stuck in infinite loop, it is redirecting to login and somehow it is coming again on this condition, condition is satisfied and redirecting again and this whole process is keep going.

How Can I add user Id in AbpSecurityLogs table? #6118
Answer

sorry, you can't do that in the LoggedOutModel class

Ok, thanks for your support.

How Can I add user Id in AbpSecurityLogs table? #6118
Answer

Yes, you can do that in the LoggedOutModel class

If we can, then could you please help how can we?

How Can I add user Id in AbpSecurityLogs table? #6118
Answer

hi

You can't get user info in the LoggedOutModel class. so you can't output a username to security logs.

so, can we say that it's not possible to update username in log table for logout action?

Prevent concurrent login in different browsers #6127
Answer

Hi,

Could you explain it in detail? thanks

using this code, it is not redirecting to login page, I want if new session is active in new browser, then the previous browser's application should redirect to login page.

if (httpContext.User.Identity != null && httpContext.User.Identity.AuthenticationType == "Identity.Application")
                    {
                        await httpContext.RequestServices.GetRequiredService&lt;AbpSignInManager&gt;().SignOutAsync();
                        await httpContext.ChallengeAsync("Identity.Application");
                    }

                    //JWT
                    if (httpContext.User.Identity != null && httpContext.User.Identity.AuthenticationType == "AuthenticationTypes.Federation")
                    {
                        await httpContext.ChallengeAsync(JwtBearerDefaults.AuthenticationScheme);
                    }
How Can I add user Id in AbpSecurityLogs table? #6118
Answer

hi

We have output the log on LogoutModel. Why you are overriding the LoggedOutModel?

I'm overriding as before logout, I need to call ADFS logout as well so first I'm redirecting to logout from third party than calling ABP's logout. With ABP's method, I am able to save the userid and action in my log table but username is not updating.

How Can I add user Id in AbpSecurityLogs table? #6118
Answer

hi

Please share the code of yourlogout code, Thanks

we are calling this method, first we are calling external logout URL.

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(LoggedOutModel))]
public class CustomLogout: LoggedOutModel
{
   
    public override Task&lt;IActionResult&gt; OnGetAsync()
    {
        IConfigurationRoot _config = new ConfigurationBuilder().SetBasePath(Directory.GetParent(AppContext.BaseDirectory).FullName)
             .AddJsonFile("appsettings.json", false).Build();
        var externalLogout = _config.GetSection("ADFSConfig:EndSession").Get&lt;string&gt;();
        Response.Redirect(externalLogout);
        return base.OnGetAsync();
    }
     
}
How Can I add user Id in AbpSecurityLogs table? #6118
Answer

Hi

Add your code into CurrentPrincipalAccessor' changescope.

var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user);  
using (CurrentPrincipalAccessor.Change(userPrincipal))  
{  
      await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() 
      { 
          Identity = IdentitySecurityLogIdentityConsts.IdentityExternal, 
          Action = "Login" + result 
      }); 
}  

var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user);  
using (CurrentPrincipalAccessor.Change(userPrincipal))  
{  
       await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() 
      { 
              Identity = IdentitySecurityLogIdentityConsts.IdentityExternal, 
              Action = result.ToIdentitySecurityLogAction(), 
              UserName = user.Name 
      }); 
}

thanks, it is working, but how can we do the same in logout as on logout userId is updated but username is null.

How Can I add user Id in AbpSecurityLogs table? #6118
Answer

hi

var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user); 
using (CurrentPrincipalAccessor.Change(userPrincipal)) 
{ 
       await IdentitySecurityLogManager.SaveAsync() 
}

SaveAsysc required to pass IdentitySecurityLogContext and in IdentitySecurityLogContext object only I'm not getting userId property, how userPrincipal is useful here ?

Prevent concurrent login in different browsers #6127
Answer

What is the purpose for adding ConCurrentUserId property and how it will be useful

It stores the currently loggedin concurrent ID and adds it to user claims.

Check the concurrent ID in the middleware, logout if it is different.

https://github.com/abpframework/abp-samples/blob/master/ConcurrentLogin/src/ConcurrentLogin.Web/ConcurrentLoginWebModule.cs#L264

Thank you, this is working but it is not redirecting to login page for previous browser

顯示 119 個紀錄的 101 到 110 個.
Made with ❤️ on ABP v8.2.0-preview Updated on 3月 25, 2024, 15:11