在使用Visual Studio 2015社区RC的ASP.NET MVC 5.2.3模板中获得的代码中,如果您按原样运行它们,并且注册了您的电子邮件地址(并且不是使用外部服务提供商,如Facebook或Google或Linked In或Twitter),然后如果您通过输入您的用户名和密码登录网站,它会直接让您登录并且不会触发双因素身份验证。它只是成功登录你。
具体来说,如果您输入正确的用户名和密码,PasswordSignInAsync
上的SignInManager
方法始终会返回SignInStatus
Success
。它永远不会评估为SignInStatus.RequiresVerification
。
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model,
string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout,
// change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(
model.Email, model.Password,
model.RememberMe, shouldLockout: true);
switch (result)
{
case SignInStatus.Success:
// if I sign-in with my correct user name
// and password, the flow-of-control always
// comes here. The SignInStatus never evaluates
// to RequiresVerification
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
// the flow-of-control never reaches here
return RedirectToAction("SendCode",
new
{
ReturnUrl = returnUrl,
RememberMe = model.RememberMe
});
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
即使默认代码已启用双因素身份验证并按照以下代码段所示进行设置,也会发生这种情况。
在Startup.ConfigureAuth
中app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie,
TimeSpan.FromMinutes(5));
app.UseTwoFactorRememberBrowserCookie(
DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
在ApplicationUserManager.Create中,为工厂方法。
// Register two factor authentication providers. This application uses Phone
// and Emails as a step of receiving a code for verifying the user
// You can write your own provider and plug it in here.
manager.RegisterTwoFactorProvider("Phone Code",
new PhoneNumberTokenProvider<ApplicationUser>
{
MessageFormat = "Your security code is {0}"
});
manager.RegisterTwoFactorProvider("Email Code",
new EmailTokenProvider<ApplicationUser>
{
Subject = "Security Code",
BodyFormat = "Your security code is {0}"
});
var container = Unity.Container;
manager.EmailService = container.Resolve<EmailService>();
manager.SmsService = container.Resolve<SmsService>();
我在Unity容器中设置了EmailService
和SmsService
,并且配置正确。
我还需要做些什么来正确设置它?我已经阅读了this article以及MSDN中的一些文档,以及其他网站上的一些关于设置这些内容的论坛帖子,但我不确定是否遗漏了某些内容。
这个人没有从任何地方被调用/重定向。我想这就是缺少的。
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<ActionResult> EnableTwoFactorAuthentication()
{
await UserManager.SetTwoFactorEnabledAsync(User.Identity.GetUserId(),
true);
var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
if (user != null)
{
await SignInManager.SignInAsync(user, isPersistent: false,
rememberBrowser: false);
}
return RedirectToAction("Index", "Manage");
}
似乎我错过了我必须专门让用户调用EnableTwoFactorAuthentication
操作的部分,因为目前没有调用它,但我不能确定它应该如何与其余的登录工作流程。
答案 0 :(得分:0)
从浏览器中单击f12并删除应用程序Cookie