How do I subscrive to the forum? I used to be able to do this on the old system.
Given the fact that phone number verification and Google Authentication are on the User Settings page doesn't it make sense to put email verification in the same place rather than on the sign in page? Putting it on the sign in page opens the system to all kinds of injection attacks.
Would you like me to open a request issue on the github pages for this request or is there a reasonable answer for why email verification is on the sign in page?
In fact doesn't the the sign in page itself open itself to all kinds of injection attacks? Without a recaptcha (Add reCAPTCHA to login page) a robot could easily flood the log files and bring the system crashing down. I think this is true even if lockout settings were set. Even then a host has no control over lockout settings at tenant level.
Can I politely request higher priority for the above issue and consider an option to put recaptcha on the signin page as an option at tenant level?
Of course I understand that 7.0 has priority over everything else at this moment.
DOH!
angular, dotnetcore, 6.8.0, .net 4.6.1
I am still at a loss.
I have just released 6.8.0. I go to host settings-> User management and enable Phone number verification:
I go to host settings-> Security and enable Two Factor Login, note Google Authenticator is unchecked:
I go to my user settings and make sure I have a phone number and enable Two factor authentication:
I refresh my page to reload all settings and go to .\admin -> My settings -> Two Factor Login:
Note I cannot verify my phone number but I can enable Google Authenticator (which is not set).
I sign out and sign in again and I have just one option for 2FA, email:
How the hell do I verify my phone number?
I go to the database and update IsPhoneNumberConfirmed:
begin tran
update [dbo].[AbpUsers]
set [IsPhoneNumberConfirmed] = 1
where Id = 1
--commit
--rollback
I go back to the sign in page and refresh and bingo I have 2FA for the phone.
How the hell do I verify my phone number without having to resort to SQL?
Issue #3 - the linked document may help. It's some notes I made when starting out with Zero over a year ago. adding a module to Angular Issue #1 - this is where I started from, I recommend using Visual Studio for the merge process and not Visual Code. Thanks to @jmhinnen. ABP + Module Zero + ASP.NET Zero
Hi @ismcagdas, it shoudn't be something like that, it should be exactly like that!!!! Thanks a lot.
angular, dotnetcore, 6.8.0, .net 4.6.1 Hi all,
I recently had a problem with browser cache after i released an upgrade from 5.4.1 to 6.8.0. Fortunately we are still in pre-lauch and I only have four tenants and about a hundred users to support. But having to answer support calls with "press Ctrl-F5 simultaneously" became a little wearisome. I know the hashing mechanism of angular should remove most problems but I believe items in the assets folder still caused problems.
Can anyone see any reason for me NOT to add the following lines to the head of index.html?
<meta http-equiv="cache-control" content="no-cache, must-revalidate, post-check=0, pre-check=0">
<meta http-equiv="expires" content="0">
<meta http-equiv="pragma" content="no-cache">
Can anyone tell me if it's a pointless exercise?
Hi Leon, This sounds like one for investigation in SQL Server. Output the SQL, open SSMS and run the query with "Query" -> "Include Actual Execution Plan". That should give you some clues. You might want to consider putting the varbinary value (9MB - that's not good for SQL) in Azure table storage and using a cross-reference in your SQL table or vice-versa.
Hi @maliming. I will try that but it's low priority at the moment.
Thanks, Aaron. Again.