Open Closed

Question on two-factor verification #4519


User avatar
0
balessi75 created

ABP 7.0.1 Commercial / Blazor Server / EF / Separated Tenant and Host DBs/ Non-tiered

Hi, If a tenant admin sets two factor to be 'optional' for each user, what would be the recommended approach to defaulting each newly added/registered user to have two-factor turned on. Currently the framework defaults to each AbpUser having two-factor turned off.

Thanks in advance!


2 Answer(s)
  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    You can custom the UserStore to override the CreateAsync method to enable the two-factor by default.

    For example:

    [ExposeServices(typeof(IdentityUserStore))]
    public class MyIdentityUserStore : IdentityUserStore
    {
        public MyIdentityUserStore(IIdentityUserRepository userRepository, IIdentityRoleRepository roleRepository, IGuidGenerator guidGenerator, ILogger<IdentityRoleStore> logger, ILookupNormalizer lookupNormalizer, IdentityErrorDescriber describer = null) : base(userRepository, roleRepository, guidGenerator, logger, lookupNormalizer, describer)
        {
        }
    
        public override async Task<IdentityResult> CreateAsync(IdentityUser user, CancellationToken cancellationToken = new CancellationToken())
        {
            await SetTwoFactorEnabledAsync(user, true, cancellationToken);
            return await base.CreateAsync(user, cancellationToken);
        }
    }
    

    PS: User must confirm his email and mobile number to use two-factor

  • User Avatar
    0
    balessi75 created

    Thanks @liangshiwei, this worked perfectly

Made with ❤️ on ABP v9.1.0-preview. Updated on December 10, 2024, 06:38