shesha-io · ntuthukomsane-boxfusion · Apr 20, 2026 · Apr 20, 2026
diff --git a/shesha-core/src/Shesha.Application/Authorization/TokenAuthController.cs b/shesha-core/src/Shesha.Application/Authorization/TokenAuthController.cs
@@ -24,6 +24,7 @@
 using System.Linq;
 using System.Security.Claims;
 using System.Threading.Tasks;
+using System.Transactions;
 
 namespace Shesha.Authorization
 {
@@ -39,13 +40,14 @@ public class TokenAuthController : SheshaControllerBase
         private readonly IRepository<ShaUserRegistration, Guid> _userRegistration;
         private readonly IExternalAuthConfiguration _externalAuthConfiguration;
         private readonly IExternalAuthManager _externalAuthManager;
-        private readonly UserRegistrationManager _userRegistrationManager;
+        private readonly IUserRegistrationManager _userRegistrationManager;
         private readonly IRepository<Person, Guid> _personRepository;
         private readonly IRepository<MobileDevice, Guid> _mobileDeviceRepository;
         private readonly ITokenBlacklistService _tokenBlacklistService;
         private readonly UserManager<User> _userManager;
         private readonly AbpUserClaimsPrincipalFactory<User, Role> _claimsPrincipalFactory;
         private readonly IConfiguration _appConfiguration;
+        private readonly IRepository<User, long> _userRepository;
 
         public TokenAuthController(
             LogInManager logInManager,
@@ -54,14 +56,15 @@ public TokenAuthController(
             TokenAuthConfiguration configuration,
             IExternalAuthConfiguration externalAuthConfiguration,
             IExternalAuthManager externalAuthManager,
-            UserRegistrationManager userRegistrationManager,
+            IUserRegistrationManager userRegistrationManager,
             IRepository<Person, Guid> personRepository,
             IRepository<ShaUserRegistration, Guid> userRegistration,
             IRepository<MobileDevice, Guid> mobileDeviceRepository,
             ITokenBlacklistService tokenBlacklistService,
             UserManager<User> userManager,
             AbpUserClaimsPrincipalFactory<User, Role> claimsPrincipalFactory,
-            IConfiguration appConfiguration)
+            IConfiguration appConfiguration,
+            IRepository<User, long> userRepository)
         {
             _logInManager = logInManager;
             _tenantCache = tenantCache;
@@ -77,6 +80,7 @@ public TokenAuthController(
             _userManager = userManager;
             _claimsPrincipalFactory = claimsPrincipalFactory;
             _appConfiguration = appConfiguration;
+            _userRepository = userRepository;
         }
 
         [HttpPost]
@@ -110,7 +114,7 @@ public async Task<AuthenticateResultModel> AuthenticateAsync([FromBody] Authenti
             return authenticateResult;
         }
 
-        private async Task<AuthenticateResultModel> GetAuthenticateResultAsync(ShaLoginResult<User> loginResult, string imei) 
+        private async Task<AuthenticateResultModel> GetAuthenticateResultAsync(ShaLoginResult<User> loginResult, string imei)
         {
             var validFrom = DateTime.UtcNow;
             var expiresOn = validFrom.Add(_configuration.Expiration);
@@ -322,28 +326,31 @@ public async Task<ExternalAuthenticateResultModel> ExternalAuthenticateAsync([Fr
 
         private async Task<User> RegisterExternalUserAsync(ExternalAuthUserInfo externalUser)
         {
-            var user = await _userRegistrationManager.RegisterAsync(
-                externalUser.Name,
-                externalUser.Surname,
-                externalUser.EmailAddress,
-                externalUser.EmailAddress,
-                Authorization.Users.User.CreateRandomPassword(),
-                true
-            );
-
-            user.Logins = new List<UserLogin>
+            using (var uow = UnitOfWorkManager.Begin(TransactionScopeOption.RequiresNew))
             {
-                new UserLogin
+                var user = await _userRegistrationManager.RegisterAsync(
+                    externalUser.Name,
+                    externalUser.Surname,
+                    externalUser.EmailAddress,
+                    externalUser.EmailAddress,
+                    Authorization.Users.User.CreateRandomPassword(),
+                    true
+                );
+
+                var persistedUser = await _userRepository.GetAsync(user.Id);
+
+                persistedUser.Logins.Add(new UserLogin
                 {
                     LoginProvider = externalUser.Provider,
                     ProviderKey = externalUser.ProviderKey,
-                    TenantId = user.TenantId
-                }
-            };
+                    TenantId = persistedUser.TenantId,
+                    UserId = persistedUser.Id
+                });
 
-            await CurrentUnitOfWork.SaveChangesAsync();
+                await uow.CompleteAsync();
 
-            return user;
+                return persistedUser;
+            }
         }
 
         private async Task<ExternalAuthUserInfo> GetExternalUserInfoAsync(ExternalAuthenticateModel model)
@@ -381,7 +388,7 @@ private async Task<ShaLoginResult<User>> GetLoginResultAsync(string usernameOrEm
             }
         }
 
-        private string CreateAccessToken(IEnumerable<Claim> claims) 
+        private string CreateAccessToken(IEnumerable<Claim> claims)
         {
             var validFrom = DateTime.UtcNow;
             var expiresOn = validFrom.Add(_configuration.Expiration);

diff --git a/shesha-core/src/Shesha.Framework/Authorization/Users/IUserRegistrationManager.cs b/shesha-core/src/Shesha.Framework/Authorization/Users/IUserRegistrationManager.cs
@@ -0,0 +1,16 @@
+using System.Threading.Tasks;
+using Abp.Domain.Services;
+
+namespace Shesha.Authorization.Users
+{
+    /// <summary>
+    /// Interface for user registration management
+    /// </summary>
+    public interface IUserRegistrationManager : IDomainService
+    {
+        /// <summary>
+        /// Registers a new user
+        /// </summary>
+        Task<User> RegisterAsync(string name, string surname, string emailAddress, string userName, string plainPassword, bool isEmailConfirmed);
+    }
+}
diff --git a/shesha-core/src/Shesha.Framework/Authorization/Users/UserRegistrationManager.cs b/shesha-core/src/Shesha.Framework/Authorization/Users/UserRegistrationManager.cs
@@ -14,30 +14,27 @@
 
 namespace Shesha.Authorization.Users
 {
-    public class UserRegistrationManager : DomainService
+    public class UserRegistrationManager : DomainService, IUserRegistrationManager
     {
         public IAbpSession AbpSession { get; set; }
 
         private readonly TenantManager _tenantManager;
         private readonly UserManager _userManager;
         private readonly RoleManager _roleManager;
-        private readonly IPasswordHasher<User> _passwordHasher;
 
         public UserRegistrationManager(
             TenantManager tenantManager,
             UserManager userManager,
-            RoleManager roleManager,
-            IPasswordHasher<User> passwordHasher)
+            RoleManager roleManager)
         {
             _tenantManager = tenantManager;
             _userManager = userManager;
             _roleManager = roleManager;
-            _passwordHasher = passwordHasher;
 
             AbpSession = NullAbpSession.Instance;
         }
 
-        public async Task<User> RegisterAsync(string name, string surname, string emailAddress, string userName, string plainPassword, bool isEmailConfirmed)
+        public virtual async Task<User> RegisterAsync(string name, string surname, string emailAddress, string userName, string plainPassword, bool isEmailConfirmed)
         {
             CheckForTenant();
 
@@ -55,8 +52,8 @@ public async Task<User> RegisterAsync(string name, string surname, string emailA
                 Roles = new List<UserRole>()
             };
 
-            user.SetNormalizedNames();
-           
+            user.SetNormalizedNames();
+
             foreach (var defaultRole in await _roleManager.Roles.Where(r => r.IsDefault).ToListAsync())
             {
                 user.Roles.Add(new UserRole(tenant.Id, user.Id, defaultRole.Id));

diff --git a/shesha-core/src/Shesha.Framework/SheshaFrameworkModule.cs b/shesha-core/src/Shesha.Framework/SheshaFrameworkModule.cs
@@ -7,6 +7,7 @@
 using Microsoft.AspNetCore.Mvc.Filters;
 using Microsoft.Extensions.Configuration;
 using Shesha.Authorization;
+using Shesha.Authorization.Users;
 using Shesha.Configuration;
 using Shesha.Configuration.Email;
 using Shesha.Configuration.Security;
@@ -85,6 +86,7 @@ public override void Initialize()
 
             IocManager.Register<StoredFileService, StoredFileService>(DependencyLifeStyle.Transient);
             IocManager.Register<AzureStoredFileService, AzureStoredFileService>(DependencyLifeStyle.Transient);
+            IocManager.Register<IUserRegistrationManager, UserRegistrationManager>(DependencyLifeStyle.Transient);
             IocManager.IocContainer.Register(
                 Component.For<IStoredFileService>().UsingFactoryMethod(f =>
                 {