Skip to content

Warn about sign-out after security-stamp changes #12647#12648

Merged
yasmoradi merged 1 commit into
bitfoundation:developfrom
yasmoradi:feat/12647-warn-on-security-stamp-signout
Jul 13, 2026
Merged

Warn about sign-out after security-stamp changes #12647#12648
yasmoradi merged 1 commit into
bitfoundation:developfrom
yasmoradi:feat/12647-warn-on-security-stamp-signout

Conversation

@yasmoradi

@yasmoradi yasmoradi commented Jul 12, 2026

Copy link
Copy Markdown
Member

Summary

Changing a security-sensitive setting regenerates the user's ASP.NET Core Identity security stamp, which the server re-validates on every token refresh (IdentityController.RefreshValidateSecurityStampAsync). As a result, all of the user's sessions — including the current device — get signed out on the next refresh. This previously happened silently. This PR warns the user with a localized snackbar right after such an operation succeeds, adds a Change Password tab, and stops forcing a full app reload after account edits.

Changes

Warn about the imminent sign-out (security-stamp-changing operations):

  • Add SnackBarService.Warning (uses BitColor.Warning).
  • Add SignOutOfAllDevicesWarningMessage resource string to all 10 locale .resx files.
  • Show the warning after:
    • TwoFactorSection: enabling 2FA, disabling 2FA, and resetting the authenticator key (also guards the success/warning snackbars so they no longer show when the request failed).
    • ChangePhoneNumberTab: changing the phone number.
    • ChangePasswordTab (new): changing the password.

New Change Password tab:

  • Add ChangePasswordTab (backed by the existing ChangePassword endpoint) to the account settings, placed before the Passwordless tab. It shows a success snackbar plus the sign-out warning.
  • Add ChangePasswordButtonText and PasswordChangedSuccessfullyMessage resources across all 10 locales.

No more full app reload on account edits:

  • ChangePhoneNumberTab and ChangeEmailTab previously did a forced reload (NavigateTo(..., forceLoad: true)), which also wiped any snackbar. They now refresh the cached user via PROFILE_UPDATED and re-render the current page with NavigationManager.RefreshCurrentPage(). Changing the email does not regenerate the security stamp, so no sign-out warning is shown there.

Notes

  • ChangeUserName also regenerates the stamp but currently has no UI; ResetPassword is the unauthenticated forgot-password flow — so no snackbar location applies to them here.
  • The current ChangeEmail implementation sets the email through the store directly and does not regenerate the security stamp, so it does not sign the user out (arguably a separate inconsistency, left out of scope).

Related Issue

closes #12647

Summary by CodeRabbit

  • New Features
    • Added a Password tab for changing account passwords with validation.
    • Added “sign out of all devices” security warnings for password, phone, and two-factor changes.
    • Updated two-factor flows to refresh recovery codes when applicable.
    • In multitenant setups, added a “Current Tenant” action in the footer.
  • Improvements
    • Account/profile updates now refresh the UI without disruptive navigation.
    • Two-factor actions now handle responses more safely and show clearer messaging.
    • Tenant switching now refreshes tenant state reliably.
  • Configuration
    • Updated template labeling to “Multi-Tenant” and expanded advanced test filtering.

@coderabbitai

coderabbitai Bot commented Jul 12, 2026

Copy link
Copy Markdown

Review Change Stack

Important

Review skipped

Auto incremental reviews are disabled on this repository.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 9fadb64e-da75-4897-b16e-43bc5826b4ad

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review

Walkthrough

The update adds localized warnings for security-sensitive account changes, introduces a password-change tab, synchronizes profile state without forced navigation, and improves passwordless availability handling. It also adds multitenant current-tenant propagation and display, plus template configuration updates.

Changes

Account Security and Settings

Layer / File(s) Summary
Warning notifications and localized resources
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../SnackBarService.cs, src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings*.resx
Adds warning snackbar support and localized all-devices sign-out messages.
Password change flow
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../AccountSection.razor, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../ChangePasswordTab.*, src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/.../IdentityJsonContext.cs
Adds a validated password-change tab, serialization metadata, and success/error handling with sign-out warnings.
Two-factor and profile security operations
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../TwoFactorSection.razor.cs, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../ChangePhoneNumberTab.razor.cs, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../ChangeEmailTab.razor.cs
Handles operation responses, updates profile state, publishes profile changes, and displays session warnings where applicable.
Passwordless availability
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../PasswordlessTab.*, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../AccountSection.razor.cs
Enables the passwordless action only when WebAuthn is available and removes the previous parent-level availability check.

Multitenant UI State

Layer / File(s) Summary
Tenant state propagation
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../MainLayout.*, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../ManageMyTenantsPage.razor.cs, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../ClientAppMessages.cs
Publishes tenant changes, refreshes tenant state, and resolves current-tenant updates in MainLayout.
Current tenant display
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../AppShell.*, src/Templates/Boilerplate/Bit.Boilerplate/src/Client/.../AppMenu.razor.cs
Cascades the active tenant and renders a tenant-management action with conditional styling.

Template Configuration

Layer / File(s) Summary
Template generation configuration
src/Templates/Boilerplate/Bit.Boilerplate/.template.config/template.json
Updates the multitenant label and expands exclusions for non-advanced templates.

Estimated code review effort: 4 (Complex) | ~45 minutes

Sequence Diagram(s)

sequenceDiagram
  participant User
  participant SettingsComponent
  participant UserController
  participant SnackBarService
  participant PubSubService

  User->>SettingsComponent: Change account security setting
  SettingsComponent->>UserController: Submit operation
  UserController-->>SettingsComponent: Return operation response
  SettingsComponent->>SnackBarService: Show success and sign-out warning
  SettingsComponent->>PubSubService: Publish PROFILE_UPDATED
  SnackBarService-->>User: Display warning
Loading

Poem

A rabbit watched the settings glow,
As warning snacks began to show.
Tenants hopped and profiles changed,
Password fields were neatly arranged.
“Sign in again,” the banners say—
Then tenant views refresh their way.

🚥 Pre-merge checks | ✅ 3 | ❌ 2

❌ Failed checks (2 warnings)

Check name Status Explanation Resolution
Out of Scope Changes check ⚠️ Warning The PR includes unrelated multitenant/current-tenant and passwordless UI changes that are outside the security-stamp warning scope. Split the tenant and passwordless changes into separate PRs and keep this one focused on security-stamp sign-out warnings.
Docstring Coverage ⚠️ Warning Docstring coverage is 11.76% which is insufficient. The required threshold is 80.00%. Write docstrings for the functions missing them to satisfy the coverage threshold.
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately summarizes the main change: warning users about sign-out after security-stamp-changing actions.
Linked Issues check ✅ Passed The PR adds post-success warnings for the linked 2FA, authenticator reset, and phone-number flows, matching the issue requirements.
✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 6

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePhoneNumberTab.razor.cs`:
- Around line 90-93: In the successful phone-number update flow around
GetCurrentUser, isolate the best-effort profile refresh and PROFILE_UPDATED
publish from the subsequent post-success actions. Handle refresh failure locally
so SnackBarService.Warning, state cleanup, and navigation still execute after
the update succeeds, while preserving the existing refreshed-profile behavior
when the request succeeds.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.ar.resx`:
- Around line 777-779: Update the localized value for
SignOutOfAllDevicesWarningMessage to describe sign-out occurring after the next
token refresh, including all devices and the current device, and requiring the
user to sign in again; remove the fixed “within a few minutes” timing.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.de.resx`:
- Around line 777-779: Update the localized value for
SignOutOfAllDevicesWarningMessage to describe sign-out occurring after the next
token refresh, including all devices and the current device, and instruct the
user to sign in again. Remove the fixed “within a few minutes” timing promise
while preserving the German localization.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.es.resx`:
- Around line 777-779: The SignOutOfAllDevicesWarningMessage localization
currently promises a fixed-time sign-out; update its Spanish value to state that
sign-out occurs after the next token refresh, affects all devices including the
current one, and requires signing in again.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.resx`:
- Around line 777-778: Update the SignOutOfAllDevicesWarningMessage resource and
every localized copy to state that sign-out occurs on the next token refresh,
replacing the misleading “within a few minutes” wording while preserving the
existing security and reauthentication guidance.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.zh.resx`:
- Around line 777-779: The SignOutOfAllDevicesWarningMessage localization
incorrectly promises a fixed delay; replace its Chinese value with wording that
ties sign-out to the next token refresh, includes all devices including the
current device, and instructs the user to sign in again.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 6d7dcc73-87e6-4687-a25c-895005ad4882

📥 Commits

Reviewing files that changed from the base of the PR and between 6986642 and c0732b4.

📒 Files selected for processing (13)
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePhoneNumberTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/TwoFactorSection.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Infrastructure/Services/SnackBarService.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.ar.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.de.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.es.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fa.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fr.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.hi.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.nl.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.sv.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.zh.resx

@yasmoradi yasmoradi changed the title feat(templates): warn about sign-out after security-stamp changes #12647 Warn about sign-out after security-stamp changes #12647 Jul 12, 2026
@yasmoradi yasmoradi force-pushed the feat/12647-warn-on-security-stamp-signout branch 2 times, most recently from b7b2553 to e087780 Compare July 12, 2026 20:18
@yasmoradi

Copy link
Copy Markdown
Member Author

@coderabbitai full-review

@coderabbitai

coderabbitai Bot commented Jul 12, 2026

Copy link
Copy Markdown

@yasmoradi, I'll perform a full review of all the changes in this PR now.

✅ Action performed

Full review finished.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 3

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangeEmailTab.razor.cs`:
- Around line 88-91: Update the email-change success flow around GetCurrentUser
and RefreshCurrentPage so synchronization failures do not enter the
mutation-failure catch path. After the email mutation succeeds, attempt profile
retrieval and publishing separately, then guarantee
NavigationManager.RefreshCurrentPage executes regardless of synchronization
failure.
- Around line 65-66: Remove the GetCurrentUser call and PROFILE_UPDATED
publication from the SendChangeEmailToken flow; sending the change-email token
must not fetch or publish profile updates.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/TwoFactorSection.razor.cs`:
- Around line 49-58: Update DisableTwoFactorAuth() to clear or replace the
recovery-code state after a successful response, using response.RecoveryCodes
when appropriate or an explicit empty value, so previously generated codes are
no longer displayed when 2FA is disabled.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: 3f14dd21-2f56-45f8-abf1-c8c3436b6306

📥 Commits

Reviewing files that changed from the base of the PR and between 6986642 and e087780.

⛔ Files ignored due to path filters (1)
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (19)
  • src/Templates/Boilerplate/Bit.Boilerplate/.template.config/template.json
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/AccountSection.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangeEmailTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePasswordTab.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePasswordTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePhoneNumberTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/TwoFactorSection.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Infrastructure/Services/SnackBarService.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Features/Identity/Dtos/IdentityJsonContext.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.ar.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.de.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.es.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fa.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fr.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.hi.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.nl.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.sv.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.zh.resx

@yasmoradi yasmoradi force-pushed the feat/12647-warn-on-security-stamp-signout branch 2 times, most recently from a307432 to 770a779 Compare July 13, 2026 04:48
@yasmoradi

Copy link
Copy Markdown
Member Author

@coderabbitai full-review

@coderabbitai

coderabbitai Bot commented Jul 13, 2026

Copy link
Copy Markdown

@yasmoradi, I'll perform a full review of all the changes in this PR now.

✅ Action performed

Full review finished.

@coderabbitai coderabbitai Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 2

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Tenants/ManageMyTenantsPage.razor.cs (1)

86-94: 🗄️ Data Integrity & Integration | 🟠 Major | ⚡ Quick win

Use LoadTenants() for switches/leaves and Refresh() for renames

  • SwitchTo, CreateTenant, and LeaveTenant already change the auth state; MainLayout picks up the new tenant from that path, so republishing here can race and send the old tenant back to the layout.
  • UpdateTenant needs Refresh() so the renamed tenant is published to MainLayout; LoadTenants() alone leaves the old name visible.
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Tenants/ManageMyTenantsPage.razor.cs`
around lines 86 - 94, Update the tenant mutation flows so SwitchTo,
CreateTenant, and LeaveTenant call LoadTenants() after successful auth-state
changes instead of Refresh(), avoiding republishing stale tenant state; keep
Refresh() in UpdateTenant so renamed tenant data is published to MainLayout.
🧹 Nitpick comments (1)
src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor.scss (1)

129-137: 📐 Maintainability & Code Quality | 🔵 Trivial | 💤 Low value

Stylelint reports an empty-line-before error on the //#endif comment.

Stylelint flags scss/double-slash-comment-empty-line-before at line 137. If CI enforces stylelint, this will fail the build.

🔧 Proposed fix
     .current-tenant {
         max-width: 60%;
         position: absolute;
         inset-block-end: 0;
         inset-inline-start: 0;
     }
+
     //#endif
🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor.scss`
around lines 129 - 137, Update the conditional SCSS block around .current-tenant
so the //#endif directive satisfies the
scss/double-slash-comment-empty-line-before rule, adding the required empty line
before it while preserving the existing styles and template directives.

Source: Linters/SAST tools

🤖 Prompt for all review comments with AI agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePhoneNumberTab.razor.cs`:
- Around line 94-95: Update the post-save flow around CurrentUser and
PubSubService.Publish to handle a null CurrentUser before assigning PhoneNumber
or publishing the profile update. Use an explicit null guard so a successful
server call still completes the tab’s cleanup path without dereferencing
CurrentUser!.

In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/PasswordlessTab.razor`:
- Line 19: Update the passwordless disable flow around DisablePasswordless so
the disable action is unavailable when WebAuthn is not supported, not only when
enrollment is unavailable. Apply the existing isAvailable state to the
configured branch, or provide an explicit recovery state that prevents invoking
DisablePasswordless without WebAuthn capability.

---

Outside diff comments:
In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Tenants/ManageMyTenantsPage.razor.cs`:
- Around line 86-94: Update the tenant mutation flows so SwitchTo, CreateTenant,
and LeaveTenant call LoadTenants() after successful auth-state changes instead
of Refresh(), avoiding republishing stale tenant state; keep Refresh() in
UpdateTenant so renamed tenant data is published to MainLayout.

---

Nitpick comments:
In
`@src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor.scss`:
- Around line 129-137: Update the conditional SCSS block around .current-tenant
so the //#endif directive satisfies the
scss/double-slash-comment-empty-line-before rule, adding the required empty line
before it while preserving the existing styles and template directives.
🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

  • Push a commit to this branch (recommended)
  • Create a new PR with the fixes

ℹ️ Review info
⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: ad74ae04-565e-4665-80ab-1fc8479bc70f

📥 Commits

Reviewing files that changed from the base of the PR and between 6986642 and 770a779.

⛔ Files ignored due to path filters (1)
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/package-lock.json is excluded by !**/package-lock.json
📒 Files selected for processing (30)
  • src/Templates/Boilerplate/Bit.Boilerplate/.template.config/template.json
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/AppShell.razor.scss
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/Header/AppMenu.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/MainLayout.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/MainLayout.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/AccountSection.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/AccountSection.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangeEmailTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePasswordTab.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePasswordTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/ChangePhoneNumberTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/PasswordlessTab.razor
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/PasswordlessTab.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/TwoFactorSection.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Tenants/ManageMyTenantsPage.razor.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Infrastructure/Services/ClientAppMessages.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Infrastructure/Services/SnackBarService.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Features/Identity/Dtos/IdentityJsonContext.cs
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.ar.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.de.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.es.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fa.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.fr.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.hi.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.nl.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.sv.resx
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Resources/AppStrings.zh.resx
💤 Files with no reviewable changes (1)
  • src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Settings/Account/AccountSection.razor.cs

@yasmoradi yasmoradi force-pushed the feat/12647-warn-on-security-stamp-signout branch from 770a779 to 54a08e2 Compare July 13, 2026 07:34
@yasmoradi yasmoradi merged commit 0ce3dd6 into bitfoundation:develop Jul 13, 2026
3 checks passed
@yasmoradi yasmoradi deleted the feat/12647-warn-on-security-stamp-signout branch July 13, 2026 10:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Changing 2FA or phone number silently signs the user out of all their devices

1 participant