Tenantsadmin login not working

Hi,
I just tried adding multi tenant to an existing project and found I could not logon using tenantsadmin. Then I tried a new project and have the same issue. This did not used not be an issue, has something changed in the recent releases?

No errors in the log...

  Executed DbCommand (62ms) [Parameters=[@__normalizedUserName_0='?'], CommandType='Text', CommandTimeout='30']
  SELECT a."Id", a."AccessFailedCount", a."ConcurrencyStamp", a."Email", a."EmailConfirmed", a."LockoutEnabled", a."LockoutEnd", a."NormalizedEmail", a."NormalizedUserName", a."PasswordHash", a."PhoneNumber", a."PhoneNumberConfirmed", a."SecurityStamp", a."TenantId", a."TwoFactorEnabled", a."UserName"
  FROM "AspNetUsers" AS a
  WHERE a."NormalizedUserName" = @__normalizedUserName_0
  LIMIT 1

dotnet: info: Microsoft.AspNetCore.Mvc.Infrastructure.RedirectResultExecutor[1]
  Executing RedirectResult, redirecting to /Login?error=Invalid user or password..

The database looks ok and the migration went ok...

|Id                                  |AccessFailedCount|ConcurrencyStamp                    |Email       |EmailConfirmed|LockoutEnabled|LockoutEnd|NormalizedEmail|NormalizedUserName|PasswordHash                                                                        |PhoneNumber|PhoneNumberConfirmed|SecurityStamp                       |TwoFactorEnabled|UserName    |TenantId|
|------------------------------------|-----------------|------------------------------------|------------|--------------|--------------|----------|---------------|------------------|------------------------------------------------------------------------------------|-----------|--------------------|------------------------------------|----------------|------------|--------|
|969e42d7-30e7-4183-9175-2242c3558c15|0                |6342372b-c830-4e0a-9318-80c346bdb824|tenantsadmin|true          |false         |          |tenantsadmin   |tenantsadmin      |AQAAAAEAACcQAAAAEPCzvGbPzAJzuzII8hbPY4698xSs1j58MVKGhbqZ/kbYVcxIEgyVUajN5VQZQe0O8Q==|           |false               |66a243e6-88ed-4d11-9001-da4b2b553710|false           |tenantsadmin|        |

How could I change the password in the database?

There are no recent changes related to tenants, you can get any previous version to check it. The tenants admin user and password are seed using security migration and you can change it only from the profile page, not from database.

I understand the seed process and that you do not change passwords direct in the database. I do not understand why the tenantsadmin/tenantsadmin is showing as an incorrect password. I started with no aspnet or ef_migration tables in the database and a new blazor project and the identity migration seemed to work perfectly on starting the app. I just cannot logon as tenantsadmin. Any tips on how to diagnose?

I was able to login normally in a newly created server Blazor application with security and multi tenants enabled:

Maybe you've changed the tenantsadmin user password?


I have not been able to login to change the password. This is really strange.

Hi,
@enchev I came back to this problem in another project using webassembly. It turns out that there is a bug in your code that creates the tenantsadmin user. The normalized value for the username should be uppercase whereas the generated code creates it in lowercase. FindByNameAsync looks up the normalized username and compares with an uppercsase normalized string. You should change the value in ApplicationIdentityDbContext to match the expected value.

UserName.ToUpper().Normalize()

I've not looked but assume the same for email.
I'm guessing I experience the issue because I'm running PostgreSQL on a Linux server which defaults to being case sensitive and a default SQL database would be case insensitive.

Hi @simon ,

Not sure why the normalized UserName is with upper case since in our code it's explicitly stated as lower case:

        public async Task SeedTenantsAdmin()
        {
            var user = new ApplicationUser
            {
                UserName = "tenantsadmin",
                NormalizedUserName = "tenantsadmin",
                Email = "tenantsadmin",
                NormalizedEmail = "tenantsadmin",
                EmailConfirmed = true,
                LockoutEnabled = false,
                SecurityStamp = Guid.NewGuid().ToString()
            };

            if (!this.Users.Any(u => u.UserName == user.UserName))
            {
                var password = new Microsoft.AspNetCore.Identity.PasswordHasher<ApplicationUser>();
                var hashed = password.HashPassword(user, "tenantsadmin");
                user.PasswordHash = hashed;
                var userStore = new Microsoft.AspNetCore.Identity.EntityFrameworkCore.UserStore<ApplicationUser>(this);
                await userStore.CreateAsync(user);
            }

            await this.SaveChangesAsync();
        }

@enchev Your explicit lowercasing is the problem. FindByNameAsync expects an uppercase, normalized value in the database. It takes the user input and applies upper & normalize before comparing to the database value.
Bottom line is that uppercase TENANTSADMIN as NormalizedUserName fixed my problem.