Base solution for your next web application
Open Closed

I'm experiencing some bugs when user has wrong date #2433


User avatar
0
luizluan created

My test team found this bug by accident, someone picked up a laptop that was stored and had a battery problem and tried to access the system.

My site uses digital certificate. When the user's computer time or date is incorrect, the system does not log in, so far so good, the problem is that sometimes the login works, most system functionality fails, and some queries bring other tenants' data. Is there any way to solve this easy. Or I will have to go by the hard way that would check the date of the client in javascript and compare with that of the server.

:mrgreen:


7 Answer(s)
  • User Avatar
    0
    luizluan created

    up

  • User Avatar
    0
    hikalkan created
    Support Team

    Your case seems very interesting.

    My site uses digital certificate. When the user's computer time or date is incorrect, the system does not log in, so far so good, the problem is that sometimes the login works, most system functionality fails

    This is a feature of certificates, not related to ABP. ABP has no mechanism to check date and prevent or allow user to access resources.

    and some queries bring other tenants' data.

    I could not understand how this is related to time problem. Bringing other tenant's data is very serious problem, but it can not be related to certificate problem. This can be related to a bug of your code or a bug of ABP framework. In any case, can you repeat it without that certificate problem? If you believe that's a bug, please create an issue on our github page.

  • User Avatar
    0
    luizluan created

    The problem is not related to the time my team went wrong, I made several tests changing the time and date and it did not occur. It seems to be a bit random when the system loses the session, after leaving the browser with the site open for a long period.

    I will do more tests and if I find out the cause I report here in this forum and github immediately.

  • User Avatar
    0
    ismcagdas created
    Support Team

    Thanks for your work @luizluan.

  • User Avatar
    0
    luizluan created

    Well I seem to have found the problem, since I have two open tabs, and I logout one, the system has several errors. But certain things work, exactly on two tables in my system. Both are as follows.

    public abstract class PersonBase<TEntity, TPrimaryKey> : FullAuditedEntity<TPrimaryKey>
            where TEntity : class, IEntity<TPrimaryKey>
            where TPrimaryKey : struct
    
        {
    
            public const int MaxFirstNameLength = 50;
            public const int MaxLastNameLength = 50;
            public const int MaxMiddleNameLength = 150;
    
            [Required, MaxLength(MaxFirstNameLength)]
            public virtual string FirstName { get; set; }
            [Required, MaxLength(MaxLastNameLength)]
            public virtual string LastName { get; set; }
            [MaxLength(MaxMiddleNameLength)]
            public virtual string MiddleName { get; set; }
            [Required]
            public virtual DateTime BirthDate { get; set; }
            public virtual DateTime? DeathDate { get; set; }
            public virtual string OwnPersonCode { get; set; }
            [DefaultValue("/App/Main/images/faceless.jpeg")]
            public virtual string UrlPicture { get; set; }
    }
    
    
     [Table("McTwPeople")]
        public class Person : PersonBase<Person, Guid>, IMustHaveTenant
        {
            public virtual SexType SexType { get; set; }
            public virtual SuffixType SuffixType { get; set; }
            public virtual EducationType EducationType { get; set; }
            public virtual MaritalType MaritalType { get; set; }
            public virtual RaceType RaceType { get; set; }
            public virtual ReligionType ReligionType { get; set; }
            public virtual int TenantId { get; set; }
            public Person()
            {
            }
        }
    

    I have two tables like this, it seems that both give the same error, when the user is logged everything works perfectly, when the logout is done the gets in that table they start to bring data from other tenants.

  • User Avatar
    0
    luizluan created

    :|

  • User Avatar
    0
    ismcagdas created
    Support Team

    Hi,

    This is the expected behaviour. When you login to app in another tab, ABP sets a new cookie for new logged in user and your old TAB uses this cookie for the server requests.