无法将 UserCookie 配置为 return 更正双重身份验证的 SignInStatus
Can't configure UserCookie to return correct SignInStatus for two factor Authentication
根据 MSDN
Both the local log in and social log in check to see if 2FA is enabled. If 2FA is enabled, the SignInManager logon method returns SignInStatus.RequiresVerification, and the user will be redirected to the SendCode action method, where they will have to enter the code to complete the log in sequence. If the user has RememberMe is set on the users local cookie, the SignInManager will return SignInStatus.Success and they will not have to go through 2FA.
我确实希望用户能够使用应用程序的记住我功能,但我不知道如何让 cookie 放弃此设置,以便 SignInStatus returns RequiresVerifacation。实际上,我什至不能 100% 确定是 cookie 引起的。我所知道的是我已经启用了 TFA,并且在 AspUsers table 中我可以看到 TwoFactorEnabled 设置为 true 但状态始终 returning 为成功。
这是我没有得到我想要的东西的控制器
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return RedirectToAction("Login");
}
// Sign in the user with this external login provider if the user already has a login
var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: false);
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
case SignInStatus.Failure:
default:
// If the user does not have an account, then prompt the user to create an account
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email });
}
}
根据 this MSDN page var 结果应该 return SignInStatus.RequiresVerification 但是当 return 从 google 从 OAuth 登录时 return 成功=] 或只是常规登录。用户在 AspUsers Table 中将他们的 TwoFactorEnabled 设置为 true,这是根据文档检查的结果。
根据 MSDN
Both the local log in and social log in check to see if 2FA is enabled. If 2FA is enabled, the SignInManager logon method returns SignInStatus.RequiresVerification, and the user will be redirected to the SendCode action method, where they will have to enter the code to complete the log in sequence. If the user has RememberMe is set on the users local cookie, the SignInManager will return SignInStatus.Success and they will not have to go through 2FA.
我确实希望用户能够使用应用程序的记住我功能,但我不知道如何让 cookie 放弃此设置,以便 SignInStatus returns RequiresVerifacation。实际上,我什至不能 100% 确定是 cookie 引起的。我所知道的是我已经启用了 TFA,并且在 AspUsers table 中我可以看到 TwoFactorEnabled 设置为 true 但状态始终 returning 为成功。
这是我没有得到我想要的东西的控制器
[AllowAnonymous]
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
return RedirectToAction("Login");
}
// Sign in the user with this external login provider if the user already has a login
var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: false);
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
case SignInStatus.Failure:
default:
// If the user does not have an account, then prompt the user to create an account
ViewBag.ReturnUrl = returnUrl;
ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = loginInfo.Email });
}
}
根据 this MSDN page var 结果应该 return SignInStatus.RequiresVerification 但是当 return 从 google 从 OAuth 登录时 return 成功=] 或只是常规登录。用户在 AspUsers Table 中将他们的 TwoFactorEnabled 设置为 true,这是根据文档检查的结果。