Custom session #5536


xmarwin created

Hello. I am trying to create a custom session using this article (and several others), but it seems to be already obsolete. I need to create a custom session with one (for the sake of simplicity) enum called AdelRoles that is changed on the user's login action. I have added the following code:

Session Class:

public class AdelSession : ClaimsAbpSession, ITransientDependency
{
    public AdelSession(
        IPrincipalAccessor principalAccessor,
        IMultiTenancyConfig multiTenancy,
        ITenantResolver tenantResolver,
        IAmbientScopeProvider<SessionOverride> sessionOverrideScopeProvider) :
        base(principalAccessor, multiTenancy, tenantResolver, sessionOverrideScopeProvider)
    {}

    public AdelRoles AdelRoles
    {
        get
        {
            var adelRoles = PrincipalAccessor.Principal?.Claims.FirstOrDefault(c => c.Type == "AdelRoles");
               
            if (string.IsNullOrEmpty(adelRoles?.Value))
            {
                return AdelRoles.None;
            }

            return (AdelRoles)int.Parse(adelRoles.Value);
        }
    }
}

TokenAuthController:

  • added the following method:
private void UpdateAuthorizationGroup(User user, ClaimsIdentity identity)
{
    var adelRoles = AdelRoles.Supporter;            
    identity.AddClaims(new List<Claim>() { new Claim("AdelRoles", ((int)adelRoles).ToString()) });
}

that is called at the end of the Task<AuthenticateResultModel> Authenticate([FromBody] AuthenticateModel model) method:

.....
//Login!
UpdateAuthorizationGroup(loginResult.User, loginResult.Identity);
var accessToken = CreateAccessToken(CreateJwtClaims(loginResult.Identity));

return new AuthenticateResultModel
{
    AccessToken = accessToken,
    EncryptedAccessToken = GetEncrpyedAccessToken(accessToken),
    ExpireInSeconds = (int)_configuration.Expiration.TotalSeconds,
    TwoFactorRememberClientToken = twoFactorRememberClientToken,
    UserId = loginResult.User.Id,
    ReturnUrl = returnUrl
};

Then later I read from my AdelSession.AdelRoles but unfortunately I always get AdelRoles.None as AdelRoles is not among the claims.

What am I doing wrong?

Thanks for any hint. Best regards, Martin.


3 Answer(s)
  • maliming created
    Support Team

    I did not find this problem according to your code. After logging in, _principalAccessor can get AdelRoles information.

    You can set a breakpoint to see if loginResult.Identity contains the Claim information you added. Similarly, you can decrypt the access_token to see if there is AdelRoles information.

    https://jwt.io/

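The token check suggested in the answer above can also be done locally. This is an added example, not part of the thread or of the framework's code: it decodes the JWT payload and reads the AdelRoles claim the way the AdelSession getter does, but only accepts values that are defined enum members. The class name, the helper names, the enum's numeric values and the sample token are assumptions.

```csharp
using System;
using System.Text;
using System.Text.Json;

// Stand-in for the poster's enum: only None and Supporter appear in the thread,
// and the numeric values are assumed.
public enum AdelRoles { None = 0, Supporter = 1 }

public static class JwtClaimCheck
{
    // Decodes the payload (second segment) of a compact JWT. No signature check:
    // this is for inspecting a token while debugging, not for authorizing a request.
    public static JsonElement DecodePayload(string jwt)
    {
        var parts = jwt.Split('.');
        if (parts.Length != 3)
            throw new FormatException("Expected header.payload.signature");
        // base64url -> base64: restore the alphabet and the stripped padding.
        var b64 = parts[1].Replace('-', '+').Replace('_', '/');
        b64 = b64.PadRight(b64.Length + (4 - b64.Length % 4) % 4, '=');
        using var doc = JsonDocument.Parse(Convert.FromBase64String(b64));
        return doc.RootElement.Clone(); // Clone so the element outlives the document
    }

    // Same lookup as the AdelSession getter, but a missing, non-numeric or
    // undefined value falls back to None instead of being cast blindly.
    public static AdelRoles ReadAdelRoles(JsonElement payload)
    {
        if (!payload.TryGetProperty("AdelRoles", out var claim))
            return AdelRoles.None;
        var raw = claim.ValueKind == JsonValueKind.String ? claim.GetString() : claim.GetRawText();
        return int.TryParse(raw, out var n) && Enum.IsDefined(typeof(AdelRoles), n)
            ? (AdelRoles)n
            : AdelRoles.None;
    }

    private static string B64Url(string s) =>
        Convert.ToBase64String(Encoding.UTF8.GetBytes(s)).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    public static void Main()
    {
        // Constructed sample token with a dummy signature, not a real access token.
        var token = B64Url("{\"alg\":\"HS256\",\"typ\":\"JWT\"}") + "."
                  + B64Url("{\"sub\":\"2\",\"AdelRoles\":\"1\"}") + ".c2ln";
        var payload = DecodePayload(token);
        Console.WriteLine(payload.GetRawText());   // all claims carried by the token
        Console.WriteLine(ReadAdelRoles(payload)); // role parsed from the claim
    }
}
```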

  • xmarwin created

    Hi maliming. Thanks for the quick reply. I am not sure what happened, but things that didn't work yesterday work today... I restarted my notebook, maybe that may have solved the issue? It's a bit embarrassing as I spent the entire day yesterday trying to make this work. Anyway, consider it fixed.

    Best regards, Martin.

  • alper created
    Support Team

    thanks for the feedback ;)