Can anyone point me towards any tutorials for implementing two factor authentication using the old .NET Membership system?
I have a legacy web forms application that I'd like to add 2FA to, but all of the tutorials I find are for implementing it in the newer ASP.NET Identity system.
Upgrading from the Membership system to the Identity system is not an option right now, unfortunately.
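Answer 0 (score: 0)
You will need to write a custom membership provider and find a way to pass multiple credentials to the MembershipProvider, either as an extra parameter or through a new method. Because a MembershipProvider is created only once per application domain and may service multiple user requests, it is best not to split validation of the password and the second factor into separate calls.
The solution I came up with implements an additional interface, and checks whether the provider offers this support when validating the credentials posted back to the server.
First, define an interface that accepts multiple factors (e.g., a password and an OTP):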
public interface I2FAMembershipProvider
{
    bool ValidateUser2FA(string username, string firstFactor, string secondFactor);
}
Then implement this additional interface in your existing MembershipProvider:
using System.Web.Security;

public sealed class SampleProvider : MembershipProvider, I2FAMembershipProvider
{
    // Validate 2FA requests with both factors simultaneously
    public bool ValidateUser2FA(string username, string firstFactor, string secondFactor)
    {
        //... implementation here
    }
    // Traditional single factor authentication
    public override bool ValidateUser(string username, string passcode)
    {
        //... implementation here
    }
    // (remaining abstract MembershipProvider members omitted)
}
Finally, when validating the credentials posted back to the server, check whether the provider supports this interface:
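An added example, not the answerer's code: one way to write the postback check described above so that it fails closed, together with a second-factor check that `ValidateUser2FA` could call. `TwoFactorLogin`, `TryLogin` and `VerifyTotp` are hypothetical names, and treating the OTP as an RFC 6238 TOTP (HMAC-SHA1, 30-second step, 6 digits) is an assumption.

```csharp
using System;
using System.Security.Cryptography;
using System.Web.Security;

// Interface from the answer above, repeated so this file compiles on its own.
public interface I2FAMembershipProvider
{
    bool ValidateUser2FA(string username, string firstFactor, string secondFactor);
}

// Hypothetical helper, not part of the Membership API.
public static class TwoFactorLogin
{
    // Fails closed: a provider without 2FA support never falls back to password-only.
    public static bool TryLogin(MembershipProvider provider, string user, string password, string otp)
    {
        var twoFactor = provider as I2FAMembershipProvider;
        if (twoFactor == null || string.IsNullOrEmpty(otp))
            return false;
        return twoFactor.ValidateUser2FA(user, password, otp); // both factors, one call
    }

    // Assumed OTP type: RFC 6238 TOTP, accepting one step of clock skew either way.
    public static bool VerifyTotp(byte[] secret, string code, DateTime utcNow)
    {
        var epoch = new DateTime(1970, 1, 1, 0, 0, 0, DateTimeKind.Utc);
        long step = ((long)(utcNow - epoch).TotalSeconds) / 30;
        bool ok = false;
        for (long c = step - 1; c <= step + 1; c++)
            ok |= FixedTimeEquals(Hotp(secret, c), code ?? ""); // no early exit
        return ok;
    }

    static string Hotp(byte[] secret, long counter)
    {
        byte[] msg = BitConverter.GetBytes(counter);
        if (BitConverter.IsLittleEndian) Array.Reverse(msg); // RFC 4226 uses big-endian
        using (var hmac = new HMACSHA1(secret))
        {
            byte[] h = hmac.ComputeHash(msg);
            int o = h[19] & 0x0F;                            // dynamic truncation offset
            int bin = ((h[o] & 0x7F) << 24) | (h[o + 1] << 16) | (h[o + 2] << 8) | h[o + 3];
            return (bin % 1000000).ToString("D6");
        }
    }

    static bool FixedTimeEquals(string a, string b)
    {
        int diff = a.Length ^ b.Length;
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }
}
```

A login page would call `TwoFactorLogin.TryLogin(Membership.Provider, ...)` on postback. A production check should also record the last accepted time step per user so a code cannot be replayed inside its validity window.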