Activities of "rickfrankel"

Done.

https://github.com/aspnetzero/aspnet-zero-core/issues/5043

Thanks

Hi @m.aliozkaya

Doesn't look like any of the bootstrap 4 options work either. Eg: data-delay not working either.

We can wait until this is all cleaned up and made consistent.

Thanks Rick

Yeah the RedisOnlineClientStore from ABP works well for us. Since we've switched over to it we've had no issues or problems at all.

My view is this is not a security issue. If you trace down the CheckPasswordAsync call being done here. I get into Microsoft.Extensions.IdentityCore (7.0.0.0) which is doing the password verification.

From my reading this is the code which is being used.

https://github.com/dotnet/aspnetcore/blob/53845260d1ffa1a90fe4c499142bc6709dddeacf/src/Identity/Extensions.Core/src/PasswordHasher.cs#L166

And as you can see the salt is stored in asp.net core identity with the password in the same field.

If you know the password and you copy the password column then yes you will be able to login but no this is not a security vulnerability as the password is salted and you won't be able to (easily) reverse the password from the hashed value.

https://github.com/aspnetzero/aspnet-zero-core/issues/4757

Looks to be a change from using the tooltip attribute to the title attribute and using a data-bs-toggle.

https://preview.keenthemes.com/html/metronic/docs/base/tooltips

I've modified my copy of notifications and the tenant-features-modal-component to fix it in my local issue.

I've noticed it's also used in create-or-edit-user modal. Edit user permissions Dynamic form fields

Looks to be a bunch of things missing from an update.

Thanks @ismcagdas,

i manually merged your changes into my version and confirmed all working well.

Thanks

Hi All,

Here are the steps I just followed.

1. Downloaded a fresh version of our project at 11.3 version (from the ASPNet zero).
2. Ran yarn and npm create-bundles and then yarn start
3. Ensured my local blank DB used for this kind of testing was up to date and ran the web host.
4. Logged in as host and enabled the 2FA as follows.

5. Refreshed the screen and went to My Settings -> 2 Factor and enabled Google
6. Scanned the QR code on my phone and logged out of the app
7. Logged in again and selected Google Authenticator from the dropdown screen.
8. Entered my code and ticked Remember this browser.
9. Confirmed I was logged in.
10. Logged out again.
11. Clicked login again
12. And was presented with the Google Authenicator option in the send security code screen.
13. Clicked submit and back to entering a code.

Given on step 8 I selected remember this browser I shouldn't have had to select the authenticator type and enter the code again.

As I pasted in the first message in this thread the above function is what is failing.

I'll run a freshly downloaded version of my project and confirm the issue exists. Will revert tomorrow.

Hi @ismcagdas,

Any updates on this one please?

Thanks Rick