Hello. I have a question about refresh_token.
If you connect angular UI to API services, after login, we get the response:
{
"access_token": "some_code",
"refresh_token": "another_token",
"expire": 2900
}

access_token will be saved in LocalStorage.
Where will refresh_token be saved?

If it is stored in the LocalStorage, then what about security?

Is it possible for you to update the application to .Net core 3.1?

Thanks,
Shubham Dhanetia

FYI, I tried to upgrade to the recent Core 3.x preview and couldn't get past this error which I logged at

FluentValidation/FluentValidation#975

Really like this project - have you a road map?

I have used this framework for a small project and I think it is pretty cool.
I am having problems however retrieving email addresses, I get no errors but I sometimes get a null email address in the AppUser mapped from User. I find it strange that it seems to be an intermitent issue.
I did upgrade to dotnet core 3.1.

Hi,
I tried to add a new policy based on Roles, therefore into the AddAuthorization lambda expression I added the following line
options.AddPolicy("ApiSuperAdmin", policy => policy.RequireRole(UserRoles.Superadmin));
Then I created a new action into the ProtectedController and changed the Authorization attribute to use the new policy
[Authorize(Policy = "ApiSuperAdmin")]
Now when I call the previous action the API returns 200 but when I try to call the new action protected by the new policy the API return 403.
It seems like the system is not able to understand the new policy.
Could you help me to find a solution?
Thank you.

I just changed project framework on 3.0 & every time it throws an error

Message=Method 'GetValidationVisitor' in type 'FluentValidation.AspNetCore.FluentValidationObjectModelValidator' from assembly 'FluentValidation.AspNetCore, Version=8.0.0.0, Culture=neutral, PublicKeyToken=7de548da2fbae0f0' does not have an implementation.

This error throws on Wep api Startp.cs file in ConfigureServices method at line 134 which is
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_3_0).AddFluentValidation(fv => fv.RegisterValidatorsFromAssemblyContaining<Startup>());
I have also Changed the Compatibility version to 3.0 but same Error

What happen in the case of URL redirection upon successful login? How does AccountController.Login return the JsonContentResult which contains Token? Redirect(url) returns a different IActionResult class

Hello,

In your example, I only see how you can do post requests.

Would you advise to do all the other requests the same way as the post request or do you suggest something else?

thank you,

As the title says. Some unit tests aren't working anymore :(