fix

src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Layout/UserMenu.razor.cs

@@ -42,11 +42,9 @@ protected override async Task OnInitAsync()
             await InvokeAsync(StateHasChanged);
         });
 
-        var concurrencyStamp = await PrerenderStateService.GetValue(async () => (await AuthenticationStateTask).User.GetConcurrencyStamp());
-        userController.AddQueryString("version", concurrencyStamp);
         user = await userController.GetCurrentUser(CurrentCancellationToken);
 
-        profileImageUrl = new Uri(AbsoluteServerAddress, $"/api/Attachment/GetProfileImage/{user.Id}?version={concurrencyStamp}").ToString();
+        profileImageUrl = new Uri(AbsoluteServerAddress, $"/api/Attachment/GetProfileImage/{user.Id}?version={user.ConcurrencyStamp}").ToString();
 
         await base.OnInitAsync();
     }

src/Templates/Boilerplate/Bit.Boilerplate/src/Client/Boilerplate.Client.Core/Components/Pages/Authorized/Settings/ProfileSection.razor.cs

@@ -27,20 +27,16 @@ protected override async Task OnInitAsync()
 
         removeProfileImageHttpUrl = $"api/Attachment/RemoveProfileImage?access_token={accessToken}";
 
-        var (userId, concurrencyStamp) = await PrerenderStateService.GetValue(async () =>
-        {
-            var user = (await AuthenticationStateTask).User;
-            return (user.GetUserId(), user.GetConcurrencyStamp());
-        });
-        profileImageUrl = new Uri(AbsoluteServerAddress, $"/api/Attachment/GetProfileImage/{userId}&version={concurrencyStamp}").ToString();
         profileImageUploadUrl = new Uri(AbsoluteServerAddress, $"/api/Attachment/UploadProfileImage?access_token={accessToken}").ToString();
 
         await base.OnInitAsync();
     }
 
     protected override void OnParametersSet()
     {
-        User?.Patch(editUserDto);
+        User!.Patch(editUserDto);
+
+        profileImageUrl = new Uri(AbsoluteServerAddress, $"/api/Attachment/GetProfileImage/{User!.Id}?version={User.ConcurrencyStamp}").ToString();
 
         base.OnParametersSet();
     }
@@ -101,8 +97,6 @@ private async Task HandleOnUploadComplete()
 
         try
         {
-            var concurrencyStamp = (await AuthenticationStateTask).User.GetConcurrencyStamp();
-            userController.AddQueryString("version", concurrencyStamp);
             var updatedUser = await userController.GetCurrentUser(CurrentCancellationToken);
 
             User.ProfileImageName = updatedUser.ProfileImageName;

src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/IdentityController.cs

@@ -104,7 +104,6 @@ public async Task SignIn(SignInRequestDto request, CancellationToken cancellatio
         }
 
         userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.SESSION_ID, userSession.Id.ToString()));
-        userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.CONCURRENCY_STAMP, user.ConcurrencyStamp!));
         userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.SESSION_STAMP, userSession.StartedOn.ToUnixTimeSeconds().ToString()));
         if (userSession.Privileged)
         {
@@ -251,7 +250,6 @@ public async Task<ActionResult<TokenResponseDto>> Refresh(RefreshRequestDto requ
             userSession.RenewedOn = DateTimeOffset.UtcNow;
 
             userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.SESSION_ID, currentSessionId.ToString()));
-            userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.CONCURRENCY_STAMP, user.ConcurrencyStamp!));
             userClaimsPrincipalFactory.SessionClaims.Add(new(AppClaimTypes.SESSION_STAMP, userSession.RenewedOn.Value.ToUnixTimeSeconds().ToString()));
 
             userSession.Privileged = await IsUserSessionPrivileged(userSession, cancellationToken);

src/Templates/Boilerplate/Bit.Boilerplate/src/Server/Boilerplate.Server.Api/Controllers/Identity/UserController.cs

@@ -33,7 +33,6 @@ public partial class UserController : AppControllerBase, IUserController
     //#endif
 
     [HttpGet]
-    [ResponseCache(Duration = 7 * 24 * 3600, Location = ResponseCacheLocation.Any)]
     public async Task<UserDto> GetCurrentUser(CancellationToken cancellationToken)
     {
         var userId = User.GetUserId();

src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Extensions/ClaimsPrincipalExtensions.cs

@@ -34,12 +34,4 @@ public static Guid GetSessionId(this ClaimsPrincipal claimsPrincipal)
     {
         return Guid.Parse(claimsPrincipal.FindFirst(AppClaimTypes.SESSION_ID)!.Value);
     }
-
-    /// <summary>
-    /// <inheritdoc cref="AppClaimTypes.CONCURRENCY_STAMP"/>
-    /// </summary>
-    public static string GetConcurrencyStamp(this ClaimsPrincipal claimsPrincipal)
-    {
-        return claimsPrincipal.FindFirst(AppClaimTypes.CONCURRENCY_STAMP)!.Value;
-    }
 }

src/Templates/Boilerplate/Bit.Boilerplate/src/Shared/Services/AuthPolicies.cs

@@ -48,11 +48,4 @@ public class AppClaimTypes
     /// on the maximum number of concurrent privileged sessions of the user.
     /// </summary>
     public const string SESSION_STAMP = "session_stamp";
-
-    /// <summary>
-    /// Stores the user's concurrency stamp in the JWT token.
-    /// This value is included as a query parameter (?version=xxx) when calling <see cref="IUserController.GetCurrentUser(CancellationToken)"/> or GetProfileImage.
-    /// The server uses this for accurate caching and ensuring updated data is served.
-    /// </summary>
-    public const string CONCURRENCY_STAMP = "concurrency_stamp";
 }