Warm tip: This article is reproduced from stackoverflow.com, please click
asp.net-core-2.0 model-view-controller security asp.net-core-identity

Enforce use of 2FA in .net core application using identity

发布于 2020-04-13 10:41:19

I've set up 2 factor authentication in my .net core mvc application using the guide from here This is all working fine however it relies on the user going into their account and setting up 2FA. Is there any way I can force the user to do this so all users must use 2FA?

Questioner
jfdi
Viewed
19
分享
Nan Yu 2020-02-04 10:47

One ways is during login you check whether user have set the 2FA by :

var user = await _userManager.FindByEmailAsync(Input.Email);
var twoFactorEnabled = user.TwoFactorEnabled;

If it is false , you can then redirect user to config the 2FA page(./Manage/TwoFactorAuthentication) , after user set the 2FA and enable 2FA , TwoFactorEnabled in AspNetUsers table will be True and then during the login process , identity will automatically redirect user to ./LoginWith2fa page for 2FA login if current user's TwoFactorEnabled value is true .

jfdi 2020-02-04 19:36:06

Thank you, great help.

Related issues

1
Javascript website security
2
OAuth2
3
zsh: no matches found: requests[security]
4
How to secure my API against "fictitious" payload?
5
Prevent showing the UI5 app internal page without successful authentication
6
How to remove keychain access to visual studio on a mac?
7
security risk?
8
I can't find Maven dependency for the code sample : Keys.hmacShaKeyFor(...);
9
My wordpress has been hacked, but what did the hacker do and how can I prevent it/ fix damage done
10
How can I prevent SQL injection in PHP?