Base solution for your next web application
Starts in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Not checking tenant with subdomain as tenant name #8218


User avatar
0
SRTMDEV created

Hello,

Tenant availability is not checked with subdomain as tenancy name. When I try with this link http://tenantname.domain.com if tenant is not available system assumes this as host tenant or take tenant id as null, even it not redirect the host tenant like http://host.domain.com or nor redirect any error page.

We want to check first tenant availability and then display the login page or application, if tenant is not available redirect to the error page. I also this thing on your demo application.

http://tenantnotavailable.demo.aspnetzero.com/account/login

How we can setup it? Any suggestion with this approach?

Thanks in advance.


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    You can write a middleware to check the tenant. If the tenant does not exist, redirect to error page.

    The following is just a simple example, you can improve it or use better code to solve your problem.

    Please place your middleware after authentication(jwt or identity server) middleware.

    app.Use(async (context, next) =>
    {
    	/*
    	if (context.Request.Path.HasValue && context.Request.Path.Value.Contains("ErrorTenantDomainFormat"))
    	{
    		await next.Invoke();
    		return;
    	}
    	*/
    
    	var session = context.RequestServices.GetRequiredService<IAbpSession>();
    	if (session.TenantId == null)
    	{
    		var domainFormat = context.RequestServices.GetRequiredService<IWebMultiTenancyConfiguration>().DomainFormat;
    		var hostName = context.Request.Host.Host.RemovePreFix("http://", "https://").RemovePostFix("/");
    		domainFormat = domainFormat.RemovePreFix("http://", "https://").Split(':')[0].RemovePostFix("/");
    		var result = new FormattedStringValueExtracter().Extract(hostName, domainFormat, true, '/');
    		if (result.IsMatch && result.Matches.Any())
    		{
    			var tenancyName = result.Matches[0].Value;
    			if (!tenancyName.IsNullOrWhiteSpace() && !string.Equals(tenancyName, "www", StringComparison.OrdinalIgnoreCase))
    			{
    				var tenant = context.RequestServices.GetRequiredService<ITenantCache>().GetOrNull(tenancyName);
    				if (tenant == null || !tenant.IsActive)
    				{
    					context.Response.Redirect("http://www.mydomain.com/ErrorTenantDomainFormat");
    					return;
    				}
    			}
    
    		}
    	}
    
    	await next.Invoke();
    });
    
  • User Avatar
    0
    SRTMDEV created

    Hello maliming ,

    Thanks for your response. I am able to check tenant if not available and redirect if not available but i am getting error in angular side when tenant is not available. see below screenshot.

    It may be because of if tenant not available system not return any json and in frontend side system parsing the result in XHR request. I am able to solve it by try catch. Check below code and Please suggest if any better way to solve it.

        xhr.onreadystatechange = () => {
            if (xhr.readyState === XMLHttpRequest.DONE) {
                if (xhr.status === 200) {
                    let result;
                    try {
                        result=JSON.parse(xhr.responseText);
                    } catch (e) {
                        window.location.href = xhr.responseURL;
                    }
                    
                    success(result);
                }else if (xhr.status !== 0) {
                    alert(abp.localization.localize('InternalServerError', 'AbpWeb'));
                }
            }
        };
       
    

    Any other suggestion to sove it?

  • User Avatar
    0
    maliming created
    Support Team

    hi

    You can get the tenant name based on the url when the angular application starts. Such as:

    http://Abc.domain.com-> Abc
    

    Then call the api to check if this tenant name(Abc) is available, redirect the angular application to your error page if it is not available.

    This eliminates the need to add the above middleware to the api application.

  • User Avatar
    0
    ismcagdas created
    Support Team

    This issue is closed because it has not had recent activity for a long time.