Hi,
thanks for the tips , I'm nearly at the end of this implementation. I had to create my custom view component in order to leave Account Management as it is originally implemented.
Is there also a possibility to add these custom steps with using the ExternalProvider login ?
So when user is loggin in through some external entry in example MFA , and then check the same things like within normal log in ?
Hi , I've managed to get Authenticator App Configuration Wizard , but I found issue that there is no QR Code generated . I've copied the code from Volo.Abp.Account.Pro.Public.Web/Pages/Account/Components/ProfileManagementGroup/AuthenticatorApp
and also I've copied the javascript file and injected it like this :
is there something more to do , in order to have that QR code generated ?
Hi , thank You for the answers , i have one more question.
Is it possible to overwrite this authenticator app configuration page :
and put only the wizard , on the view like this below ? :
Yes , I've also used CLI to download the source code but since I've done custom redirection for authenticator app configruation wizard , I saw that there is a need to also overwrite the VerifySecurityCode.cshtml view in order to show the Two Factor Verification step . Am I right ?
I've done something like this :
and the TwoFactorConfigurationWizard method :
I've renamed this method from TwoFactorLoginResultAsync method .
Hi , can I also kindly ask for a hint with overriding the 2 factor step page ( this on the screen below ) , some direction to source code would be great :
With overriding the Login.cshtml and Login.cshtml.cs page from this source : https://github.com/abpframework/abp/blob/dev/modules/account/src/Volo.Abp.Account.Web/Pages/Account/Login.cshtml.cs
I've noticed this method :
as far as i understand the process , once user has configured authenticator app , the result from this part :
contains RequiredTwoFactor property set on true and Succeeded property set on False.
Does it mean that we have to also overwrite the Two Factor Verification step ?
Hi ,
I've managed to get this code from Default.js , but it looks quite different than on the screen You showed .
Is it a correct file ?
Hi , thank You very much .
I saw there is a problem with downloading Abp.Account.Pro module.
I want to do this to analyze the /Pages/Account/Components/ProfileManagementGroup/TwoFactor/Default.js , and apply changes You mentioned.
Is it possible to send the source code on email : robert.sgodzaj@connexure.co ?
Hi ,
thanks for response.
We've managed to overwrite login page , and got an access to the login process programmatically. Injection of AccountAppService was also a good hint ! Thanks for that.
Our next steps is to check whether the setting is set to Forced and if yes then redirect to the authenticator app wizard.
further questions :
Is there also a possibility to give some information about how can I obtain the TwoFactor option ( Forced / Optional ) from Settings , which can be settled up by admin host account ? ( i try to use ISettingsProvider in overwritten Login.cshtml.cs , to obtain this settings but idk how it is named )
Is it possible to attach to the end of the authenticator app configuration process and then for example force user to relogin after he will end the configuration process , and will have to re-authenticate within the configured authenticator app ?
Hello ,
I've check recommended solution from this issue , https://abp.io/support/questions/8185/2FA-Authenticator-App-Registering-form-after-login .
It works fine but we would like to ask about forcing an authenticator app wizard. Scenario :
Logout
Login as a tenant admin , without configured Authenticator App
The result - You are logged in
checked on pure tiered project using newest abp framework 9.0.2 , with @volo/account": "~9.0.2"
Expected result : User sees the authenticator app configuration wizard , configures the app and login with 2FA.
**Notes and thoughts: **
such expected scenario is a standard behaviour while logging in to application on which the 2factor authentication is enabled ( in example all microsoft applications , when do not recognize user , performs an authenticator app wizard just after loggin in )
from admin host perspective , when I set the Two factor option to Forced, I expect every user while loggin in to have an authenticator app wizard opened - if not configured.
ABP Framework version: v9.0.2
UI Type: Blazor Server
Database System: EF Core (SQL Server)
Tiered (for MVC) or Auth Server Separated (for Angular): yes
