using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Volo.Abp.DependencyInjection;
using Volo.Abp.Security.Claims;
using Volo.Abp.SecurityLog;
using Volo.Abp.Users;
namespace Volo.Abp.Identity;
public class IdentitySecurityLogManager : ITransientDependency
{
protected ISecurityLogManager SecurityLogManager { get; }
protected IdentityUserManager UserManager { get; }
protected ICurrentPrincipalAccessor CurrentPrincipalAccessor { get; }
protected IUserClaimsPrincipalFactory<IdentityUser> UserClaimsPrincipalFactory { get; }
protected ICurrentUser CurrentUser { get; }
public IdentitySecurityLogManager(
ISecurityLogManager securityLogManager,
IdentityUserManager userManager,
ICurrentPrincipalAccessor currentPrincipalAccessor,
IUserClaimsPrincipalFactory<IdentityUser> userClaimsPrincipalFactory,
ICurrentUser currentUser)
{
SecurityLogManager = securityLogManager;
UserManager = userManager;
CurrentPrincipalAccessor = currentPrincipalAccessor;
UserClaimsPrincipalFactory = userClaimsPrincipalFactory;
CurrentUser = currentUser;
}
public async Task SaveAsync(IdentitySecurityLogContext context)
{
Action<SecurityLogInfo> securityLogAction = securityLog =>
{
securityLog.Identity = context.Identity;
securityLog.Action = context.Action;
if (!context.UserName.IsNullOrWhiteSpace())
{
securityLog.UserName = context.UserName;
}
if (!context.ClientId.IsNullOrWhiteSpace())
{
securityLog.ClientId = context.ClientId;
}
foreach (var property in context.ExtraProperties)
{
securityLog.ExtraProperties[property.Key] = property.Value;
}
};
if (CurrentUser.IsAuthenticated)
{
await SecurityLogManager.SaveAsync(securityLogAction);
}
else
{
if (context.UserName.IsNullOrWhiteSpace())
{
await SecurityLogManager.SaveAsync(securityLogAction);
}
else
{
var user = await UserManager.FindByNameAsync(context.UserName);
if (user != null)
{
using (CurrentPrincipalAccessor.Change(await UserClaimsPrincipalFactory.CreateAsync(user)))
{
await SecurityLogManager.SaveAsync(securityLogAction);
}
}
else
{
await SecurityLogManager.SaveAsync(securityLogAction);
}
}
}
}
}
As per the sample code, I need to add like this
user.SetProperty(ConcurrentLoginConsts.ConcurrentLoginToken, Guid.NewGuid().ToString("N")); await UserManager.UpdateAsync(user); return await base.PasswordSignInAsync(user, password, isPersistent, lockoutOnFailure);
In sample code we are using PasswordSignInAsync, will it work with SignInAsync as well? or SignInWithClaimsAsync is required after adding this ?
If I just add this code, will it be enough?
user.SetProperty("ConCurrentUserId", Guid.NewGuid().ToString("N"));
await UserManager.UpdateAsync(user);
await SignInManager.SignInAsync(user, false);
In my application, I'm doing external login (ADFS login), once it is success on ExternalLogincallback, I'm calling ExternalLoginSignInAsync as below
var result = await SignInManager.ExternalLoginSignInAsync( loginInfo.LoginProvider, userName, isPersistent: false, bypassTwoFactor: true );
once it is also successful, I'm calling below function
await SignInManager.SignInAsync(user, false);
but using these steps I'm not able to prevent concurrent login in two browsers, I have found the existing solution https://support.abp.io/QA/Questions/1023/How-to-prevent-ConCurrent-Users-from-logging-in-using-the-same-user-credentials
By following this I can add MyAbpClaimsPrincipalContributor and MyAbpClaimsService but I'm not sure, how I can implement in my application, could you please help me where can I use this in my application when I'm using ExternalLoginSignInAsync and SignInAsync.
ABP Framework version: v5.3.2
UI Type:React
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
Exception message and full stack trace:NA
Steps to reproduce the issue: Call ExternalLoginSignInAsync and SignInAsync
Could you please help with an example, how can I change the current Principal to override the ICurrentUser ?
In my application, in case of Logout, userId inserted automatically but username is not updating and in case of LoginSucceeded User id is not updating (it is external login), I want to add userid in AbpSecurityLogs if LoginSucceeded. I'm able to set the username but not userId Provide us with the following info:
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() { Identity = IdentitySecurityLogIdentityConsts.Identity, Action = Microsoft.AspNetCore.Identity.SignInResult.Success.ToIdentitySecurityLogAction(), UserName = user.Name });
we are using this to add UserName but here UserId is not present.
In case of insert using abp, creation time and creator id is updating automatically, but in case of insert many, creator id and creation time is not inserting, as it is get only field, I'm not able to assign any value. Please help me with the solution.
I have followed steps present on - https://docs.abp.io/en/abp/latest/Text-Templating-Scriban it is working as expected in local but after deployment I'm not able to render the templates, how can I get TextTemplate folder on deployment server (the folder which contains .tpl files). Right now, at the time of rendering I'm getting error "foldername/templatename.tpl" not found.