Login and generate access token in app service #3044 | Support Center | ABP Commercial

alin.andersen created 2 years ago

Hey,

we need to perform sign-in in code and then generate an access token (JWT token) for that user, so we can send the token to our mobile app.

Currently we have an AuthenticationAppService which has a login method like this:

    public class AuthenticationService : ApplicationService, IAuthenticationAppService
    {
        private readonly IdentityUserManager _userManager;
        private readonly SignInManager<Volo.Abp.Identity.IdentityUser> _signInManager;
        
        public AuthenticationService(
            IdentityUserManager userManager,
            SignInManager<Volo.Abp.Identity.IdentityUser> signInManager)
        {
            _userManager = userManager;
            _signInManager = signInManager;
        }

        public async Task<LoginResult> LoginAsync(LoginInput input)
        {
            var user = await _userManager.FindByNameAsync(input.Username);

            if (user == null)
            {
                return new LoginResult()
                {
                    Success = false,
                };
            }

            var result = await _signInManager.CheckPasswordSignInAsync(user, input.Password, false);

            if (!result.Succeeded)
            {
                return new LoginResult()
                {
                    Success = false,
                };
            }

            // Generate access token.
            var accessToken = ???;

            return new LoginResult()
            {
                Success = true,
                AccessToken = accessToken,
            };
        }
    }

The sign-in works, but how can we retrieve or generate an access token. We have a tiered solution, so the identity server is in another project.

ABP Framework version: v5.2.1
UI type: Blazor
DB provider: EF Core
Tiered (MVC): yes

4 Answer(s)

0

maliming created 2 years ago
Support Team Fullstack Developer

hi

Are you using the Identity Server?
0

Rajasekhar created 2 years ago

In My case, I am using identity server. We have this requirement also for generate access_token. Is there any logic for token generation manually
0

alin.andersen created 2 years ago

hi

Are you using the Identity Server?

Yes we do.
0

gterdem created 2 years ago
Support Team Senior .NET Developer

You shouldn't be generating access_token manually in the login process. All of the flows are created because of security reasons.

In tiered application, your web application is not the Secure Token Server (STS) to grant you the access token. IdentityServer is the STS and you need to get and validate your tokens to IdentityServer.

That being said, you can make a request to IdentityServer /connect/token endpoint with supported grant types to get access_token.

Have an answer to this question? Log in and write your answer.