Angular Passwordless #6240 | Support Center | ABP Commercial

Payoff created 5 months ago

We are trying to implement the Passwordless solution, following the guidelines provided at https://community.abp.io/posts/implementing-passwordless-authentication-with-asp.net-core-identity-c25l8koj. However, the solution is for MVC, and we have revised it to work with Angular. The issue is with the login, which, instead of doing this (not works with angular): `

        public virtual async Task&lt;IActionResult&gt; Login(string token, string userId)
        {
            var user = await UserManager.FindByIdAsync(userId);

            var isValid = await UserManager.VerifyUserTokenAsync(user, "PasswordlessLoginProvider", "passwordless-auth", token);
            if (!isValid)
            {
                throw new UnauthorizedAccessException("The token " + token + " is not valid for the user " + userId);
            }

            await UserManager.UpdateSecurityStampAsync(user);
            await SignInManager.SignInAsync(user, isPersistent: false);
            return Redirect("/");
        }

` should obtain an authorization token or something similar. Can you provide us with the code to generate the authentication and enable the login? Thank you.

ABP Framework version: v7.4.2
UI Type: Angular
Database System: EF Core (PostgreSQL)
Integrated OpenIddict Auth Server with Angular

3 Answer(s)

0

maliming created 5 months ago
Support Team Fullstack Developer

hi

Angular uses oAuth2 as an authentication method, You should not do this. It breaks the design.
0

Payoff created 5 months ago

I understand, but I also know that real-world applications often use Passwordless authentication with Angular. The first step involves creating a passwordless token and sending it via email, allowing the user to input it on the login page. We have already accomplished this. Now, I believe the next step is to create an authorization token to send back to the Angular application for use, provided that the token is correct. If the bearer token was created by OpenIddict, it should be recognized. Does that sound good to you? If so, how can I obtain a token on the server side within the app service so that I can send it back to the client?

Thanks Michele

maliming created 5 months ago

Support Team Fullstack Developer

You can add a new grand type to implement the passwordless.


var token = await UserManager.GenerateUserTokenAsync(adminUser,"PasswordlessLoginProvider","passwordless-auth");

await UserManager.VerifyUserTokenAsync(user,"PasswordlessLoginProvider","passwordless-auth",token);

https://community.abp.io/posts/how-to-add-a-custom-grant-type-in-openiddict.-6v0df94z

Have an answer to this question? Log in and write your answer.