Open Closed

Login flow control #1989


0
lalitChougule created
  • ABP Framework version: v4.3.1
  • UI type: Angular
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): yes
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

Requirements

  1. When user enters the credentials I just want to validate the credentials, If it is valid I want to show few questionnaire
  2. Once all the questions are answered correctly then I want to actually create token

Current situation

  1. When user enter credentials token is generated. How do I stop this.
  2. Then I redirect user to questionnaire but the fact is user is already logged in. I want to avoid this.
  3. Post my questionnaire user is redirected to dashboard if answered correctly and logout if answers are wrong.

I hope you got my requirements clear. Please suggest me the easiest way to achieve this.


5 Answer(s)
  • 0
    albert created
    Support Team

    This is not supported out of the box as the Identity Server changes need to be done. Gettting token is an Identity Server feature, to prevent sending tokens only with username & password, you can customize the Identity Server 4 or you can ask directly to Identity Server contributors https://github.com/IdentityServer/IdentityServer4. Check out https://docs.identityserver.io/en/latest/topics/custom_token_request_validation.html

    Sorry but this is a 3rd party question and we have limited support on 3rd party library questions.

  • 0
    lalitChougule created

    I was able to validate user credentitals using await _signInManager.CheckPasswordSignInAsync() Now I just want to know below things, This is angular login component code

    login(params: LoginParams): Observable<any>; Which backend method is called when the above method is called from angular component ?

    May be I can make a wrapper method and call this backend login method in my method once I done with my requirement.

    import { Injector } from '@angular/core';
    import { Params } from '@angular/router';
    import { Observable } from 'rxjs';
    import { LoginParams } from '../strategies/auth-flow.strategy';
    import * as ɵngcc0 from '@angular/core';
    export declare class AuthService {
        protected injector: Injector;
        private strategy;
        get isInternalAuth(): boolean;
        constructor(injector: Injector);
        init(): Promise<any>;
        logout(queryParams?: Params): Observable<any>;
        /**
         * @deprecated Use navigateToLogin method instead. To be deleted in v5.0
         */
        initLogin(): void;
        navigateToLogin(queryParams?: Params): void;
        login(params: LoginParams): Observable<any>;
        static ɵfac: ɵngcc0.ɵɵFactoryDef<AuthService, never>;
    }
    
  • 0
    lalitChougule created

    @albert Please reply.

  • 0
    lalitChougule created

    Is there any answer for this question ?

  • 0
    bunyamin created
    Support Team

    Hello,

    AuthService uses this package for authentication.

    When you take a look at the AuthService, you will realize it uses one of the two different strategies, Code and Password. Since you want to handle authentication on the angular side, you need to employ Resource Owner Password Flow in your application which is usually just to remove responseType: code from environment.ts