search

abpframework / abp

Open Source Web Application Framework for ASP.NET Core. Offers an opinionated architecture to build enterprise software solutions with best practices on top of the .NET and the ASP.NET Core platforms. Provides the fundamental infrastructure, production-ready startup templates, application modules, UI themes, tooling, guides and documentation.
https://abp.io
GNU Lesser General Public License v3.0
12.31k stars 3.32k forks source link

Hangfire Dashboard - Unauthorized response. #19632

Open agustinsilvano opened 3 weeks ago

agustinsilvano commented 3 weeks ago

Is there an existing issue for this?

Description

I was not able to configure the AbpHangfireAuthorizationFilter on the UseAbpHangfireDashboard method. I read the documentation about the Dashboard setup, I followed all the steps described there but I'm still getting 401 when trying to access to the '/hangfire' path.

Reproduction Steps

  1. Download the code sample.
  2. Configure the database connection.
  3. Run migrations and launch the application.
  4. Login through swagger (using the default abp's admin account)
  5. By having a session logged in(having the corresponding session cookies properly configured), go to the {api_url}/hangfire
  6. You will get a 401 - Unauthorized error.

Question: Is that the expected flow to get access to the dashboard?

Expected behavior

By following the steps described above, the dashboard should be available for the current logged user.

Actual behavior

Is redirecting to a 401 Unauthorized page.

Regression?

No response

Known Workarounds

No response

Version

8.1.1

User Interface

Common (Default)

Database Provider

EF Core (Default)

Tiered or separate authentication server

Separate Auth Server

Operation System

macOS

Other information

I've been inspecting the AbpHangfireAuthorizationFilter (and also created a custom Authorization filter) and the information of the user's information is not available in the HttpContext

maliming commented 2 weeks ago

hi

Your app only uses JwtBeareras authentication method. Please refer to qa links below:

https://support.abp.io/QA/Questions/5167/Hangfire-Authorization-Problem https://support.abp.io/QA/Questions/3199/Hangfire-Dashboard-Authorization-is-not-working