According to the source code there is a 90 second skew to allow time for a message to be sent and received.
Perhaps that's why your 45 second expiration is "not working" as expected?
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Is there a way to extend the 2FA and Email confirmation token expiration timespan with email in .NET 8.0?
I am using the Microsoft.AspNetCore.Identity and Microsoft.AspNetCore.Authentication classes to use the 2FA with Email.
builder.Services.AddIdentity<IdentityUser<Guid>, IdentityRole<Guid>>(options =>
{
options.SignIn.RequireConfirmedAccount = true;
options.SignIn.RequireConfirmedEmail = true;
options.Tokens.EmailConfirmationTokenProvider = "EmailConfirmationTokenProvider";
options.Tokens.AuthenticatorTokenProvider = "TwoFactorTokenProvider";
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders()
.AddTokenProvider<EmailConfirmationTokenProvider<IdentityUser<Guid>>>("EmailConfirmationTokenProvider")
.AddTokenProvider<TwoFactorTokenProvider<IdentityUser<Guid>>>("TwoFactorTokenProvider");
builder.Services.Configure<EmailConfirmationTokenProviderOptions>(opt => opt.TokenLifespan = TimeSpan.FromMinutes(5));
builder.Services.Configure<TwoFactorTokenProviderOptions>(opt => opt.TokenLifespan = TimeSpan.FromSeconds(45));
Everything works great with EmailConfirmation, but TwoFactorTokenProvider expiration is not working. Help please
According to the source code there is a 90 second skew to allow time for a message to be sent and received.
Perhaps that's why your 45 second expiration is "not working" as expected?