c# - Asp 身份两因素身份验证不起作用
问题描述
我正在尝试在 MVC 5 应用程序中通过 ASP.NET Identity 启用双因素身份验证,但每次调用 SignInManager.PasswordSignInAsync() 时,
无论是否启用了双因素身份验证,它都返回 Success。
如您所见,用户的电子邮件已确认,并且 TwoFactorEnabled 属性设置为 true。这是我的 Identity 配置:
using System;
using System.Collections.Generic;
using System.Data.Entity;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Configuration;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin;
using Microsoft.Owin.Security;
using AEMS.Models;
using Domain;
using Twilio.Mvc;
using Twilio;
using Twilio.Rest.Api.V2010.Account;
using Twilio.Types;
using System.Net.Mail;
namespace AEMS
{
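/// <summary>
/// Sends ASP.NET Identity messages by e-mail through the SMTP server described
/// by the <c>EmailHost</c>, <c>EmailPort</c>, <c>EmailEnableSSL</c>,
/// <c>EmailFrom</c> and <c>EmailPassword</c> appSettings.
/// </summary>
public class EmailService : IIdentityMessageService
{
    /// <summary>
    /// Delivers <paramref name="message"/> to <c>message.Destination</c>.
    /// </summary>
    /// <param name="message">Destination, subject and body of the message to send.</param>
    /// <returns>A task that completes once the SMTP send has finished.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="message"/> is null.</exception>
    public async Task SendAsync(IdentityMessage message)
    {
        if (message == null)
        {
            throw new ArgumentNullException("message");
        }

        string sender = ConfigurationManager.AppSettings["EmailFrom"];
        string secret = ConfigurationManager.AppSettings["EmailPassword"];

        // MailMessage and SmtpClient both hold disposable resources, so release them
        // even when the send throws.
        using (var msg = new MailMessage())
        using (var client = new SmtpClient())
        {
            msg.To.Add(new MailAddress(message.Destination));
            msg.From = new MailAddress(sender);
            msg.Subject = message.Subject;
            msg.Body = message.Body;
            // The body is sent as HTML: any user-controlled text placed in
            // message.Body must be HTML-encoded by the caller.
            msg.IsBodyHtml = true;

            client.Host = ConfigurationManager.AppSettings["EmailHost"];
            client.Credentials = new System.Net.NetworkCredential(sender, secret);
            // Parse with the invariant culture so the port does not depend on server locale.
            client.Port = int.Parse(
                ConfigurationManager.AppSettings["EmailPort"],
                System.Globalization.CultureInfo.InvariantCulture);
            // NOTE(review): transport encryption is configuration-driven here. This service
            // is also the channel for the "EmailCode" security code, so EmailEnableSSL
            // should be true in any real deployment.
            client.EnableSsl = bool.Parse(ConfigurationManager.AppSettings["EmailEnableSSL"]);

            // Await the asynchronous send instead of blocking the request thread on
            // SmtpClient.Send; failures surface through the returned task.
            await client.SendMailAsync(msg).ConfigureAwait(false);
        }
    }
}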
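/// <summary>
/// Sends ASP.NET Identity messages as SMS through Twilio, using the
/// <c>SMSAccountSid</c>, <c>SMSAuthToken</c> and <c>SMSAccountFrom</c> appSettings.
/// </summary>
public class SmsService : IIdentityMessageService
{
    /// <summary>
    /// Sends <c>message.Body</c> as a text message to <c>message.Destination</c>.
    /// </summary>
    /// <param name="message">Destination number and body of the message to send.</param>
    /// <returns>A task that completes when the Twilio create-message call has finished.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="message"/> is null.</exception>
    public async Task SendAsync(IdentityMessage message)
    {
        if (message == null)
        {
            throw new ArgumentNullException("message");
        }

        // NOTE(review): the auth token is a long-lived secret read from appSettings;
        // keep it out of source control and protect the configuration section.
        string accountSid = ConfigurationManager.AppSettings["SMSAccountSid"];
        string authToken = ConfigurationManager.AppSettings["SMSAuthToken"];

        // Initialise the Twilio REST client with the account credentials.
        TwilioClient.Init(accountSid, authToken);

        // The original discarded this task and returned an already-completed one, so a
        // failed delivery of the security code was never observed by the caller.
        // Awaiting it lets the failure propagate.
        await MessageResource.CreateAsync(
            message.Destination,
            from: ConfigurationManager.AppSettings["SMSAccountFrom"],
            body: message.Body).ConfigureAwait(false);
    }
}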
// Configure the application user manager used in this application. UserManager is defined in ASP.NET Identity and is used by the application.
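/// <summary>
/// Application-specific <see cref="UserManager{TUser}"/> that wires up user and
/// password validation, lockout settings, two-factor providers and the
/// e-mail/SMS message services.
/// </summary>
public class ApplicationUserManager : UserManager<ApplicationUser>
{
    /// <summary>Creates a manager over the given user store.</summary>
    /// <param name="store">Store used to persist <see cref="ApplicationUser"/> records.</param>
    public ApplicationUserManager(IUserStore<ApplicationUser> store)
        : base(store)
    {
    }

    /// <summary>
    /// OWIN factory: builds a fully configured manager for the current request context.
    /// </summary>
    /// <param name="options">Factory options; supplies the data protection provider.</param>
    /// <param name="context">OWIN context from which the <c>ApplicationDbContext</c> is resolved.</param>
    /// <returns>The configured manager.</returns>
    /// <exception cref="ConfigurationErrorsException">A required lockout appSetting is missing or empty.</exception>
    public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
    {
        var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));

        // Validation logic for user names.
        manager.UserValidator = new UserValidator<ApplicationUser>(manager)
        {
            AllowOnlyAlphanumericUserNames = false,
            RequireUniqueEmail = true,
        };

        // Validation logic for passwords.
        // NOTE(review): a minimum length of 6 is short by current guidance; consider
        // raising it (existing passwords are only re-validated when they are changed).
        manager.PasswordValidator = new PasswordValidator
        {
            RequiredLength = 6,
            RequireNonLetterOrDigit = true,
            RequireDigit = true,
            RequireLowercase = true,
            RequireUppercase = true,
        };

        // Lockout defaults come from configuration. Numbers are parsed with the invariant
        // culture so the lockout window does not change with the server locale.
        // NOTE(review): these values only matter if the sign-in call opts in to lockout
        // (the shouldLockout argument of PasswordSignInAsync); that call site is not shown here.
        var invariant = System.Globalization.CultureInfo.InvariantCulture;
        manager.UserLockoutEnabledByDefault =
            bool.Parse(RequireSetting("UserLockoutEnabledByDefault"));
        manager.DefaultAccountLockoutTimeSpan =
            TimeSpan.FromHours(double.Parse(RequireSetting("DefaultAccountLockoutTimeSpan"), invariant));
        manager.MaxFailedAccessAttemptsBeforeLockout =
            int.Parse(RequireSetting("MaxFailedAccessAttemptsBeforeLockout"), invariant);

        // Two-factor providers: a code is delivered by SMS ("PhoneCode") or e-mail ("EmailCode").
        // NOTE(review): in ASP.NET Identity 2.x, password sign-in is expected to demand the
        // second factor only when the user has TwoFactorEnabled, at least one registered
        // provider is valid for that user (PhoneCode needs a confirmed phone number,
        // EmailCode a confirmed e-mail) and the browser has not been remembered for
        // two-factor. Confirm against the Identity version in use; the two-factor cookie
        // setup lives in the OWIN startup, which is not part of this file.
        manager.RegisterTwoFactorProvider("PhoneCode", new PhoneNumberTokenProvider<ApplicationUser>
        {
            MessageFormat = "Your security code is {0}"
        });
        manager.RegisterTwoFactorProvider("EmailCode", new EmailTokenProvider<ApplicationUser>
        {
            Subject = "Security Code",
            BodyFormat = "Your security code is {0}"
        });

        manager.EmailService = new EmailService();
        manager.SmsService = new SmsService();

        // The token provider is only set when the host supplies a data protection
        // provider; otherwise UserTokenProvider is left unset.
        var dataProtectionProvider = options.DataProtectionProvider;
        if (dataProtectionProvider != null)
        {
            manager.UserTokenProvider =
                new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
        }

        return manager;
    }

    // Reads a mandatory appSetting and fails with a descriptive configuration error
    // (rather than a NullReferenceException) when it is absent or blank.
    private static string RequireSetting(string key)
    {
        string value = ConfigurationManager.AppSettings[key];
        if (string.IsNullOrWhiteSpace(value))
        {
            throw new ConfigurationErrorsException("Missing required appSetting '" + key + "'.");
        }

        return value;
    }
}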
// Configure the application sign-in manager which is used in this application.
/// <summary>
/// Application-specific sign-in manager built on
/// <see cref="SignInManager{TUser, TKey}"/> for <see cref="ApplicationUser"/> with string keys.
/// </summary>
public class ApplicationSignInManager : SignInManager<ApplicationUser, string>
{
    /// <summary>Creates a sign-in manager over the given user and authentication managers.</summary>
    /// <param name="userManager">User manager passed to the base class.</param>
    /// <param name="authenticationManager">OWIN authentication manager passed to the base class.</param>
    public ApplicationSignInManager(ApplicationUserManager userManager, IAuthenticationManager authenticationManager)
        : base(userManager, authenticationManager)
    {
    }

    /// <summary>
    /// Builds the claims identity for <paramref name="user"/> by delegating to
    /// <c>user.GenerateUserIdentityAsync</c>.
    /// </summary>
    /// <param name="user">User to create the identity for.</param>
    /// <returns>The task returned by <c>GenerateUserIdentityAsync</c>.</returns>
    public override Task<ClaimsIdentity> CreateUserIdentityAsync(ApplicationUser user)
    {
        // The base class exposes the manager under its base type; the user model
        // expects the application-specific type.
        var appUserManager = (ApplicationUserManager)UserManager;
        return user.GenerateUserIdentityAsync(appUserManager);
    }

    /// <summary>
    /// OWIN factory: creates a sign-in manager from the user manager and authentication
    /// manager of the current context.
    /// </summary>
    /// <param name="options">Factory options (not used by this method).</param>
    /// <param name="context">OWIN context supplying the user and authentication managers.</param>
    /// <returns>A new sign-in manager.</returns>
    public static ApplicationSignInManager Create(IdentityFactoryOptions<ApplicationSignInManager> options, IOwinContext context)
    {
        ApplicationUserManager users = context.GetUserManager<ApplicationUserManager>();
        IAuthenticationManager authentication = context.Authentication;
        return new ApplicationSignInManager(users, authentication);
    }
}
}
我似乎无法弄清楚我错过了什么
解决方案