Google 身份验证器 2FA 始终返回 True
Google Authenticator 2FA returning True always
我在 ASP.NET 应用程序中使用 GoogleAuthenticator nuget 包进行 2FA 身份验证。问题是函数 ValidateTwoFactorPIN 总是 returns true 即使身份验证器应用程序已经更改了 TOTP 代码。 Nuget Package
public TwoFactorSetupResponse Enable(string email)
{
var accountSecretKey = $"{SecretCode}-{email}";
var setupInfo = _twoFactorAuthenticator.GenerateSetupCode("App", email, Encoding.ASCII.GetBytes(accountSecretKey));
return new TwoFactorSetupResponse()
{
Account = setupInfo.Account,
ManualEntryKey = setupInfo.ManualEntryKey,
QrCodeSetupImageUrl = setupInfo.QrCodeSetupImageUrl,
};
}
public bool IsCodeValid(string email, string code)
{
var accountSecretKey = $"{SecretCode}-{email}";
return _twoFactorAuthenticator.ValidateTwoFactorPIN(accountSecretKey, code);
}
该包的默认值 drift tolerance is five minutes,因此要么使用较小的公差进行测试,要么等到公差 window 已通过。
我在 ASP.NET 应用程序中使用 GoogleAuthenticator nuget 包进行 2FA 身份验证。问题是函数 ValidateTwoFactorPIN 总是 returns true 即使身份验证器应用程序已经更改了 TOTP 代码。 Nuget Package
public TwoFactorSetupResponse Enable(string email)
{
var accountSecretKey = $"{SecretCode}-{email}";
var setupInfo = _twoFactorAuthenticator.GenerateSetupCode("App", email, Encoding.ASCII.GetBytes(accountSecretKey));
return new TwoFactorSetupResponse()
{
Account = setupInfo.Account,
ManualEntryKey = setupInfo.ManualEntryKey,
QrCodeSetupImageUrl = setupInfo.QrCodeSetupImageUrl,
};
}
public bool IsCodeValid(string email, string code)
{
var accountSecretKey = $"{SecretCode}-{email}";
return _twoFactorAuthenticator.ValidateTwoFactorPIN(accountSecretKey, code);
}
该包的默认值 drift tolerance is five minutes,因此要么使用较小的公差进行测试,要么等到公差 window 已通过。