Hi there,
I’m pulling my hair out trying to figure out why I am seeing this issue. The issue is happening when we upgraded from 5.8.0 to 5.10.0. It most likely has to do with sync/async stuff or some misconfiguration. Here is what I have:
User tries to login with correct credentials at email/password at /api/auth/credentials
Authenticates successfully but doesn’t insert the session cache_entry table and therefore following request are unauthenticated. Which makes sense because cache_entry is not populated.
The logs does series of DELETE FROM “cache_entry” but never UPDATE and/or INSERT
I’ve also tried using MemoryCacheClient for ICacheClient. Same thing…the subsequent request are not authenticated.
The issue is same whether I register just the IAuthRepository and IUserAuthRepository or the async versions of it or all four.
Here are screenshots of my configurations and logs when trying to authenticate.
Wont be able to tell what the issue is without a repro, but you don’t need to register a MemoryCacheClient which is already registered by default and you should only have a single Auth Repository registration, e.g:
container.Register<IAuthRepository>(c =>
new OrmLiteAuthRepository(c.Resolve<IDbConnectionFactory>()) {
UseDistinctRoleTables = true
});
Which both the AppHost.GetAuthRepository() and AppHost.GetAuthRepositoryAsync() methods use when resolving a IAuthRepository or IAuthRepositoryAsync dependency.
Don’t see how that will help with this issue, but starting with the recommended registrations is a good start.
It may help with debugging if you put a breakpoint on OnSaveSessionAsync to see if it’s getting called:
Are you using a Custom Auth Repository or standard CredentialsAuthProvider?
How is ServiceStack configured to run at /api? as you’re using /api/auth/credentials instead of /auth/credentials. Is this a .NET Core or .NET Framework app?
Following your suggestion, I added a breakpoint. Inside of OnSaveSessionAsync, session.FromToken is true and therefore skips setting the cache(screenshot attached). What does this mean or how would this happen?
I am using standard CredentialsAuthProvider and default AuthUserSession.
Using HandlerFactoryPath = “api”
netcoreapp3.1
ok that’s weird, FromToken should be false then. That’s the reason why it wouldn’t be saved, but if you don’t have any other AuthProviders configured I don’t see how it’s being set to true.
Can you check if your HTTP Header includes the ss-tok cookie? Maybe you reused the same URL with another app that is using a stateless AuthProvider?
Yeah I don’t see how it can be set to FromToken=true, which is only done in JWT or Identity Auth Providers AFAIK.
Can you see if you can try creating a FromToken property in your Custom AuthUserSession to see if we can see where it’s being set:
public class CustomAuthSession : AuthUserSession
{
public new bool FromToken
{
get
{
return base.FromToken;
}
set
{
Console.WriteLine($"FromToken={value}");
Console.WriteLine(Environment.StackTrace);
base.FromToken = value;
}
}
}
I’m assuming because it’s only shadowed and not overriding a virtual property which I’ve added in this commit.
If you upgrade to latest v6.6.1+ on MyGet you’ll be override it instead of shadowing it, but as you’re upgrading from v5.10 it may not be a drop-in upgrade. Although just upgrading to a newer version may just resolve it.
If you can debug it and find where it’s being set to true that will help identify if it’s still an issue with the latest version, otherwise you can just set it to false in your OnSaveSessionAsync() to get it to save the session or try upgrading to a newer version.
Yes, eventually I want to upgrade this project to the latest version, but there are other dependencies that need to be resolved. I will keep you updated. Thanks for your help! As usual, you were awesome and this is a great project
I started migrating to .net 6 and SS v6.2. Everything going smoothly but looks like I have something misconfigured. I’m getting 405 Method Not Found for existing service endpoints that were working under 5.14.0. Screenshots attached. Anything I’m overlooking? When I make a request with .json, the endpoints are available. You can see that in the last screenshot.
Great! I updated the cli and client, regenerated the client side dtos. That worked!
Is UI Explorer available for the mvc project? When I navigate to http://localhost:5001/api/ui I get a blank screen and 404 for couple of JS files. One is from :8080?
