Browser("Browsername").Refresh
I am using this to refresh my application , Once the browser is refreshed the user is getting logged out of application. Any other way to check that user is not logging off the appliation after browser refresh ?
Application is built on Angular JS and I am automation using UFT
Related
I Implemented Authentication and authorization on ASP.net 6 with Azure B2C,and everything works fine except the Logout button on the authorization modal provided by Swagger, as it appears to log the user out, but after "logging out" the user can click "Authorize" and be logged in again without being required to enter their username and password. It's not clearing out the user session from the browser. On the client side developed in vueJs , the logout works fine , the issue is happening only with swagger, I tried to track the flow of the HTTP requests and it appears that clicking the logout button does not trigger any http calls in order to logout the user or clear his session.
Am using the nuget package Swashbuckle.AspNetCore 6.3.0 , any suggestions ?Thanks
Clearing Cookies session during logout button having issues in ASP .NET Core and still it is in open state on GitHub Issues Repo.
Same it is not possible to do external logout using OAuth
Please keep trace of this issue in the GitHub. Also, if possible, contact the technical support of Microsoft Azure on azcommunity#microsoft.com
I'm developing a chrome extension which will make API calls to a web app i built. I want to implement authentication into the extension in order to make the API call and perform other tasks in the extension.
I want to use OpenID for the authentication (Using Azure) so my thinking was:
Chrome extension launches and background script opens popup to the login page of my web app
User is redirected to Azure login and enters credentials
Webapp receives openid token with user details
Webapp generates api key and stores this along with user id in back-end
The next part i'm not sure on is how i return the api key and userid back to the extension.
My thinking was to generate a 'login successful' page which has this data stored in a hidden field that the browser extension can then grab via a content script and store it in local storage.
Looking for advice on whether this is a suitable method or if there is a better way.
Thanks!
I'm using azure app service built in authentication to log in users to my web app. Since I have some pages that user can access without authentication I have allowed anonymous access in app service auth configuration.
It works as intended for the current session. But when the user closes the browser or opens a new window, the authentication is lost. The user is required to login again.
Is there any way to keep the user logged in?
What I do currently:
On sign in button click,
direct the user to /.auth/login/microsoftaccount, after successful login I call ./auth/me to get the user claims/details and then login the user. Then I do a http post to https://appname.azurewebsites.net/.auth/login/microsoftaccount to validate the tokens that I got from /.auth/me and I also get a session token from this post request (which I don't know what to use for).
I use the custom headers set by the app service for authentication on the backend. App service auth docs
Is this the right way of doing authentication using app service. If so is there any way that we can keep the user logged in to app service auth and not ask them to sign every time they open the website.
Is there any way to cache the tokens?
It is normal that you need to login again after close your browser or open in a new window, because the life cycle of session is from opening the window to closing the window.
You could consider using cookie coordinating with session. Session is on server side, we cannot see it, but we could set the time out value. Cookie is on client side, we could save some authentication information to stay login, but it is not safe.
Hey there all I am struggling with a very strange issue, I have a react app where the user can log in and the JWT token gets saved in the local Storage so on refresh of the page the user is still logged in, and it works as it should.
But I have my server and the app running from a Ubuntu server now for production with nginx set up and on the refresh of the page the user is always logged out, although on the reload before the page is loaded in the console i can log out the token bearer.
Why can that be?
Do you guys have any tips?
During a browser based authentication (oauth) some iOS users experience the flow as their Spotify app opening to authenticate rather than in the browser.
When this happens the redirection back to the site uses the default browser rather than the browser that started the flow.
So for example a user may start to authenticate in Chrome or in the Facebook Browser, but is then redirected after authentication to Safari.
If you are maintaining session or states to check against CSRF then this will breaks that.
I also think it would be more consistent for the user to send them back to their original browser.