How do we handle session in Aspn.Net boiler plate? My question is, I need to implement a logout user feature. How to I unauthorize a user, or in other hand, how do I reset the session?
I have a web api, not a dynamic web api. A user login by providing the credentials to the api, and in response gets a token, which is passed back to the other methods in the api controller along with other requests. I have a logout feature - if a user clicks the logout button, I need to logout that particular user, disable that session and token.
1 Answer(s)
-
0
ABP itself does not provide a mechanism. It gets UserId/TenantId from current principal of httpcontext. In a cookie auth, it's stored in the cookie. If you use ASP.NET Identity, you can use SignInManager.SignOut (it actually simply delete the cookie). For the token auth, as I know, there is no direct way of logouting a user before token expire. You can google it for workarounds.
