Yes, you can do that in the
LoggedOutModel
class
If we can, then could you please help how can we?
hi
You can't get user info in the
LoggedOutModel
class. so you can't output a username to security logs.
so, can we say that it's not possible to update username in log table for logout action?
Hi,
Could you explain it in detail? thanks
using this code, it is not redirecting to login page, I want if new session is active in new browser, then the previous browser's application should redirect to login page.
if (httpContext.User.Identity != null && httpContext.User.Identity.AuthenticationType == "Identity.Application")
{
await httpContext.RequestServices.GetRequiredService<AbpSignInManager>().SignOutAsync();
await httpContext.ChallengeAsync("Identity.Application");
}
//JWT
if (httpContext.User.Identity != null && httpContext.User.Identity.AuthenticationType == "AuthenticationTypes.Federation")
{
await httpContext.ChallengeAsync(JwtBearerDefaults.AuthenticationScheme);
}
hi
We have output the log on
LogoutModel
. Why you are overriding theLoggedOutModel
?
I'm overriding as before logout, I need to call ADFS logout as well so first I'm redirecting to logout from third party than calling ABP's logout. With ABP's method, I am able to save the userid and action in my log table but username is not updating.
hi
Please share the code of your
logout
code, Thanks
we are calling this method, first we are calling external logout URL.
[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(LoggedOutModel))]
public class CustomLogout: LoggedOutModel
{
public override Task<IActionResult> OnGetAsync()
{
IConfigurationRoot _config = new ConfigurationBuilder().SetBasePath(Directory.GetParent(AppContext.BaseDirectory).FullName)
.AddJsonFile("appsettings.json", false).Build();
var externalLogout = _config.GetSection("ADFSConfig:EndSession").Get<string>();
Response.Redirect(externalLogout);
return base.OnGetAsync();
}
}
Hi
Add your code into
CurrentPrincipalAccessor
'change
scope.var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user); using (CurrentPrincipalAccessor.Change(userPrincipal)) { await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() { Identity = IdentitySecurityLogIdentityConsts.IdentityExternal, Action = "Login" + result }); }
var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user); using (CurrentPrincipalAccessor.Change(userPrincipal)) { await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext() { Identity = IdentitySecurityLogIdentityConsts.IdentityExternal, Action = result.ToIdentitySecurityLogAction(), UserName = user.Name }); }
thanks, it is working, but how can we do the same in logout as on logout userId is updated but username is null.
hi
var userPrincipal = await SignInManager.CreateUserPrincipalAsync(user); using (CurrentPrincipalAccessor.Change(userPrincipal)) { await IdentitySecurityLogManager.SaveAsync() }
SaveAsysc required to pass IdentitySecurityLogContext and in IdentitySecurityLogContext object only I'm not getting userId property, how userPrincipal is useful here ?
What is the purpose for adding ConCurrentUserId property and how it will be useful
It stores the currently loggedin concurrent ID and adds it to user claims.
Check the concurrent ID in the middleware, logout if it is different.
https://github.com/abpframework/abp-samples/blob/master/ConcurrentLogin/src/ConcurrentLogin.Web/ConcurrentLoginWebModule.cs#L264
Thank you, this is working but it is not redirecting to login page for previous browser
public override async Task<IActionResult> OnGetExternalLoginCallbackAsync(string returnUrl = "", string returnUrlHash = "", string remoteError = null)
{
IConfigurationRoot _config = new ConfigurationBuilder().SetBasePath(Directory.GetParent(AppContext.BaseDirectory).FullName)
.AddJsonFile("appsettings.json", false).Build();
string webBaseUri = _config.GetSection("WebUISetting:URL").Get<string>();
if (remoteError != null)
{
Logger.LogWarning($"External login callback error: {remoteError}");
return RedirectToPage("./Login");
}
await IdentityOptions.SetAsync();
var loginInfo = await SignInManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
Logger.LogWarning("External login info is not available");
return RedirectToPage("./Login");
}
var userName = loginInfo.Principal.FindFirstValue(ClaimTypes.Name);
var result = await SignInManager.ExternalLoginSignInAsync(
loginInfo.LoginProvider,
userName,
isPersistent: false,
bypassTwoFactor: true
);
if (!result.Succeeded)
{
**await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
{
Identity = IdentitySecurityLogIdentityConsts.IdentityExternal,
Action = "Login" + result
});**
}
var user = await UserManager.FindByNameAsync(userName);
if (result.Succeeded && user != null)
{
var activeUserOrganizationUnitMappings = await _userOrganizationUnitExt_TRRepository.GetListAsync(x => x.UserId == user.Id && x.IsActive);
if (user.IsActive && activeUserOrganizationUnitMappings != null && activeUserOrganizationUnitMappings.Any())
{
user.SetProperty(CommonConsts.ConCurrentUserId, new Guid().ToString("N"));
await UserManager.UpdateAsync(user);
await SignInManager.SignInAsync(user, false);
await IdentitySecurityLogManager.SaveAsync(new IdentitySecurityLogContext()
{
Identity = IdentitySecurityLogIdentityConsts.IdentityExternal,
Action = result.ToIdentitySecurityLogAction(),
UserName = user.Name
});
return RedirectSafely(returnUrl, returnUrlHash);
}
}
}
I tried this, but still, I'm able to do the login in two different browsers at the same time.
What is the purpose for adding ConCurrentUserId property and how it will be useful? Also, on every login we need to assign same value for same user or different value?