tsai
/
abp-next-admin
mirror of https://github.com/colinin/abp-next-admin.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
这是基于vue-vben-admin 模板适用于abp Vnext的前端管理项目
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3170 Commits
71 Branches
53 Tags
72 MiB
 
 
 
 
 
 
Tree: 438ed31e79
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '438ed31e79'
${ noResults }
abp-next-admin/aspnet-core/modules/openIddict/LINGYUN.Abp.OpenIddict.AspN.../README.EN.md

2.8 KiB
Raw Blame History

LINGYUN.Abp.OpenIddict.AspNetCore.Session

ABP version NuGet

Introduction

LINGYUN.Abp.OpenIddict.AspNetCore.Session is a session management extension module for OpenIddict, providing functionality for user session persistence, validation, and revocation.

简体中文

Features

  • User Session Management

    • Automatic session persistence on login
    • Automatic session termination on logout
    • Automatic session termination on token revocation
    • UserInfo endpoint session validation

  • Multi-tenancy Support

    • Session management supports multi-tenant scenarios
    • Tenant-isolated session storage

  • Configurable Session Persistence

    • Support for configuring grant types that require session persistence
    • Default support for password grant type

Installation

dotnet add package LINGYUN.Abp.OpenIddict.AspNetCore.Session

Usage

  1. Add [DependsOn(typeof(AbpOpenIddictAspNetCoreSessionModule))] to your module class.

  2. Configure session options:

Configure<IdentitySessionSignInOptions>(options =>
{
    options.SignInSessionEnabled = true;    // Enable login session
    options.SignOutSessionEnabled = true;   // Enable logout session
});

Configure<AbpOpenIddictAspNetCoreSessionOptions>(options =>
{
    // Configure grant types that require session persistence
    options.PersistentSessionGrantTypes.Add(GrantTypes.Password);
    options.PersistentSessionGrantTypes.Add("custom_grant_type");
});

Workflow

  1. User Login

    • When a user successfully logs in through configured grant types
    • System automatically creates and persists session information

  2. Session Validation

    • When user accesses the UserInfo endpoint
    • System automatically validates if the session is valid
    • Returns appropriate error if session has expired or is invalid

  3. Session Termination

    • Automatically terminates session on user logout
    • Automatically terminates related sessions on token revocation
    • Supports session management for multiple concurrent logins

Notes

  • Session persistence only applies to configured grant types
  • Session validation automatically switches tenant context in multi-tenant environments
  • Token revocation will terminate related user sessions
  • UserInfo endpoint session validation is mandatory, invalid sessions will result in request rejection