Zero 5.0.2 - Aspnet Core, Angular I have an app written using Ionic. The user registers with the app using a username, password and voucher code. The voucher code is unique to a given tenant. The registration process injects the tenantId into a unit of work using statement, ABPSession.TenantId is set with AbpSession.Use(tenantId, null) for the uow and a new user is created for the tenant. The tenantId is returned to the app and saved in a local database. The app user is redirected to the login page to login. How do I pass the username, password and tenantId (from device storage) from the app to the server and have the server log the user into the correct tenant? Surely I do not have to set filters in unit of work and apply AbpSession.Use(tenantId, null) for every call my app makes to the server?
4 Answer(s)
-
0
Hi @BobIngham,
If I understand your scenario correctly, it is better for you to use token based auth. You can check it here <a class="postlink" href="https://aspnetzero.com/Documents/Development-Guide-Angular#token-based-authentication">https://aspnetzero.com/Documents/Develo ... entication</a>.
Basically, you need to get a token by sending username, password and tenantId fields at the beginning. Then, you can use this token in all your requests to authenticate the user.
If you get a token expired result from server (after 1 day for example), you need to get another token using same scenario. The lifetime of the token is 1 day as far as I remember but you can increase it if you like.
-
0
@ismcagdas, thanks for the consideration but I'm still not sure on best practise. I will add the tenant ref as a claim and then create the access token including this claim. That way the token can be read on every call to the server but I am still faced with the problem of having to create a unit of work and setting AbpSession.TenantId for the ouw for every call made to the server.
The question has to be: During the login and authentication processes how so I set AbpSession.TenantId so I do not have to create a unit of work and setting AbpSession.TenantId for the ouw for every call made to the server?
-
0
During the login and authentication processes how so I set AbpSession.TenantId so I do not have to create a unit of work and setting AbpSession.TenantId for the ouw for every call made to the server?
You don't have to. AbpSession returns the TenantId based on the access token.
-
0
See [https://forum.aspnetboilerplate.com/viewtopic.php?f=5&t=10657&p=26292#p26292]).
