ASP.NET Identity Two Factor not working - cookie problem?

Question

ASP.NET Identity Two Factor not working - cookie problem?

Background:

I used the Identity-Sample project provided by the Microsoft team here :

I combined the Identity-Sample project and prerelease nuget projects into an existing project that previously used the latest stable version of Identity.

Problem:

When trying to use 2FA inside the Account/SendCode there is a call to GetVerifiedUserIdAsync() , which is part of the Microsoft.AspNet.Identity.Owin.SignInManager class. (full code here )

GetVerifiedUserIdAsync() returns null (i.e., he could not find the verified user, although I was logged in with 1 factor.) I believe that he does not find the correct cookie.

When I launch the Identity-Sample application, my browser shows _RequestVerificationToken AND TwoFactorCookie , and everything works.

When I launch my application, my browser ONLY displays the _RequestVerificationToken cookie, and I get null .

Question: (if there is a problem with the cookie)

How can I get my application to set a cookie correctly when calling the SignInManager.PasswordSignInAsync(...) method (inside Account/Login )?

+7

.net asp.net-mvc-5 asp.net-identity two-factor-authentication

Asx Jul 04 '14 at 17:48

source share

1 answer

Suhas joshi · Accepted Answer · 2014-07-08T23:58:16+0000

In the Startup.Auth class, register a cookie

 app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));

In the post page Login action, if you use the new SigninManager.PasswordSigninAsync, it will set an intermittent cookie if 2 FAs are activated for the user, and return SignInStatus.RequiresVerification. Then you can use SigninManager.GetVerifiedUserAsync should return the user id

ASP.NET Identity Two Factor not working - cookie problem?

More articles: