
Verify-Two-Factor-Code-on-mobile #7364


pauldonn created
  • ABP Framework version: v8.1.0
  • UI Type: Flutter
  • Database System: EF Core SQL Server
  • Tiered (for MVC): yes
  • Exception message and full stack trace:
  • Steps to reproduce the issue:
    1. Enable 2FA for the user.
    2. POST to /connect/token:
      • client_id: [clientId]
      • grant_type: password
      • username: [user]
      • password: [password]
      • scope: [scope]

We need to enable 2FA for our mobile app. When it is enabled for a user, the connect/token request returns an "invalid_grant" error with a "RequiresTwoFactor" message. We can request a 2FA code with a request to account/send-two-factor-code but are unsure how to verify this code and proceed with authenticating the user.

How can we verify the code returned from account/send-two-factor-code and log in the user?


6 Answer(s)
  • pauldonn created

    Hi, is anyone able to assist with this issue?

  • masum.ulu created
    Support Team Angular Expert

    Hi, this is related to OpenIddict: https://docs.abp.io/en/commercial/latest/modules/openiddict

    You need to register your Flutter app with OpenId; that way you can enable 2F auth.

  • pauldonn created

    Thanks for the reply. We have the OpenIddict module on our Blazor web application (.NET 8.0). We are trying to have our mobile app authenticate against this application to allow for API calls.

    Before we enabled 2FA we were able to authenticate with the token endpoint but cannot anymore with the 2FA challenge.

    With the OpenIddict module already on the web application, is there an endpoint for our mobile app to login and handle a 2FA challenge?

  • liangshiwei created
    Support Team Fullstack Developer

    Hi,

    When your login fails, a security code will be generated and returned.

    https://github.com/abpframework/abp/blob/OrganizationUnitEto/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs#L224-L244

    Then you can request again using the security code:

    https://github.com/abpframework/abp/blob/OrganizationUnitEto/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs#L199-L200

  • pauldonn created

    Thanks liangshiwei, but I get 404s for those links. Have they been moved? I can't seem to find it by searching either.

  • liangshiwei created
    Support Team Fullstack Developer

    Sorry,

    https://github.com/abpframework/abp/blob/dev/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs#L224-L244

    https://github.com/abpframework/abp/blob/dev/modules/openiddict/src/Volo.Abp.OpenIddict.AspNetCore/Volo/Abp/OpenIddict/Controllers/TokenController.Password.cs#L199-L200

Made with ❤️ on ABP v9.1.0-preview. Updated on January 02, 2025, 07:06