What is new in AspNet Zero 8.1.0

1. ASP.NET Core 3.1 support

AspNet Zero now supports for ASP.NET Core 3.1. For using this version of asp.net zero, you would need to install the SDK or runtime of net core 3.1.

  • Migration function of EF core 3.1 has changed
  • AspNet Zero team has added runtime recompiling feature to the MVC project. This will enable the cshtml files to recompile on change.
  • In the earlier version Without that, any change to the cshtml files, I had to rerun project to see changes on web browser.

2. Multi-tenant LDAP support

 I. LDAP/Active Directory

The AspNet Zero version 8.1.0 now has an active support for authenticating users by way of using LdapAuthenticationSource which is an implementation of external authentication to make users login with their LDAP (active directory) username and password.

ASP blog image

The Login method of AspNet Zero authenticates a user from the AbpUsers table in the database. However, many times, an application may require you to authenticate users from some external sources like active directory (ADFS) or using the LDAP.

Users will log into the AspNet Zero application with their LDAP credentials, and the application will authenticate them against the LDAP service of a tenant. When using LDAP, we don’t manage the users, but the user-groups, so we will manage the roles through them.

  1. If you want to use LDAP authentication, you need to first add the Zero.Ldap NuGet package to our project.
  2. Then you set up a module dependency to AbpZeroLdapModule and enable LDAP with the auth source.
  3. After this, the LDAP module will be enabled for your application,
  4. By using the LdapSettingNames class that defines constants for setting names.
  5. These constant names while changing settings (or getting settings). LDAP settings are per-tenant, now from this version also supporting multi-tenant applications, so different tenants have different settings (see the setting definitions on GitHub.
  6. In the MyLdapAuthenticationSource class, the ILdapSettings is injected as a dependency as a constructor argument. And this interface provides all the LDAP settings like domain, username and password to connect to Active Directory.
  7. If you want to change the LDAP settings, then you can work with the Settings Manager API
  8. You can also add an initial seed data to the database for having some auth information.

3. Refresh token support for Angular

This angular refresh token implementation helps when the user selects “Remember me”, in that case the refresh token will be stored.

This means that if the user is already logged into the application, and if he does not explicitly logout, the next time they open their browser they would be automatically logged in.

In this case, if the user is not authorized, Application will block all requests and try to get the access token. If the access token is retrieved the application will re-handle all requests. However, if the access token is not retrieved, then the user will be redirected to the login page.

The earlier version of AspNet Zero already had an implementation of the refresh token, through the core project. It was not used from the angular side. However, in the version 8.1.0, the refresh token has been implemented on the angular side as well.  This is going to be certainly helpful.