Hi,@Sherpa
In the
AspNetUsers
table, I am settingTwoFactorEnabled = true
You have to follow the steps in this page to configure authenticator app instead of setting TwoFactorEnabled to true directly
It would be setted to true automaticlly after you compeleting the steps with the codes:
await _userManager.SetTwoFactorEnabledAsync(user, true);
Instead, if I direct the user to the
EnableAuthenticator.cshtml
page, it simply redirects to theLogin.cshtml
page.
EnableAuthenticator.cshtml
page is under Manage Folder by default, and Identity added gobal Authorize Attribute to Manage folder ,you can't visit it untill you login successfully(If you've enabled 2FA Authentication,you have to login both with password and the codes provided by Microsoft Authenticator)
Here's the source codes related:
public void PostConfigure(string name, RazorPagesOptions options)
{
name = name ?? throw new ArgumentNullException(nameof(name));
options = options ?? throw new ArgumentNullException(nameof(options));
options.Conventions.AuthorizeAreaFolder(IdentityUIDefaultAreaName, "/Account/Manage");
options.Conventions.AuthorizeAreaPage(IdentityUIDefaultAreaName, "/Account/Logout");
var convention = new IdentityPageModelConvention<TUser>();
options.Conventions.AddAreaFolderApplicationModelConvention(
IdentityUIDefaultAreaName,
"/",
pam => convention.Apply(pam));
options.Conventions.AddAreaFolderApplicationModelConvention(
IdentityUIDefaultAreaName,
"/Account/Manage",
pam => pam.Filters.Add(new ExternalLoginsPageFilter<TUser>()));
}
You have to login with Email/Password first,enable 2FA authentication following the steps in the page ,when you login next time ,enter the code you get from Microsoft Authenticator
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
RuikaiFeng