Menu
Background:
I have been using the Identity-Sample project provided by the Microsoft team here:
I have integrated the Identity-Sample project & prerelease nuget packages into an existing project, that was previously using the latest stable version of Identity.
Problem:
When trying 2FA, inside the Account/SendCode method, there is a call to GetVerifiedUserIdAsync() , which is part of the Microsoft.AspNet.Identity.Owin.SignInManager class. (see the full code here)
GetVerifiedUserIdAsync() is returning null (i.e. it could not find a verified user, even though I have logged in with 1 factor.) I believe that it is not finding the correct cookie.
When I run the Identity-Sample app, my browser shows a _RequestVerificationToken AND TwoFactorCookie & everything works.
When I run my own app, my browser shows ONLY the _RequestVerificationToken cookie & I get null.
Question: (if the cookie is the issue)
How can I get my app to correctly set the cookie when the SignInManager.PasswordSignInAsync(...) method is called (inside Account/Login)?
530
In Startup.Auth class register the cookie
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));
In the Login page post action, if you use the new SigninManager.PasswordSigninAsync, it will set the intermittent cookie if 2 FA is enabled on the user and return SignInStatus.RequiresVerification. You can then use SigninManager.GetVerifiedUserAsync should return the user ID
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
