Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Impersonation troubles with ng2 / core #2908


User avatar
0
th3monk3y created

Hi there, I've been trying to implement impersonation with the ng2 / core application. I've managed to port the mvc code mostly to the token auth based AuthToken controller. I have it working for the most part, but when impersonating from Host the ImpersonatorUserId is not populated in the front end. When impersonating from Default tenant, it is populated.

OWIN HttpContext.GetOwinContext().Authentication is no longer supported in Core. So I've had to drop the SignIn and SignOut methods (I am using the _authService.logout(false) and waiting for token, then using login service). I am wondering if this is the problem I am facing? Basically AbpSession is not working as expected on the backend. I realize AbpSession is cookie based, but tenantId is always populated so I am a bit confused. UserId and ImpersonatorUserId are never available in abpSession(backend) so I have to pass them in through the nswag service-proxies.

The bad behavior I am experiencing is that "<-- Back to my Account" is never available on front end from host when checking for ImpersonatorUserId . Works for Default tenant.

It's a bit difficult to articulate my problem. Hope you understand what I am asking.

Any suggestions?


1 Answer(s)
  • User Avatar
    0
    th3monk3y created

    I was able to figure this out. (was too tired last night I guess)

    I had to check for both impersonator Id's in ng2.

    this.isImpersonatedLogin = abp.session.impersonatorTenantId != null || abp.session.impersonatorUserId != null;

    There is still a problem in the AuthToken controller with the fore mentioned still not being set in the AbpSession. I'm unable to check for cascading logins by using AbpSession. Looks like I will have to check the cache item or pass them in. The AbpSession worked in MVC. I suspect because the browser was actually visiting the endpoint with the tokenId as a get param and then redirecting.