Open Closed

User is null when using two-factor login #869


User avatar
0
Johannes created
  • ABP Framework version: v3.3.0
  • UI type: Angular
  • DB provider: EF Core

We've implemented our own login controller for use by an external app. The login endpoint uses the signinmanager: protected SignInManager<Volo.Abp.Identity.IdentityUser> SignInManager { get; } And logs in:

var signInResult = await SignInManager.PasswordSignInAsync(
                login.UserNameOrEmailAddress,
                login.Password,
                login.RememberMe,
                true
);

This works fine for users without 2-factor enabled. When 2-factor is enabled, we get the expected 2-factor cookie back:

Which we then provide in the header when calling a SendSmsSecurityCode endpoint.

This it where we get confused: SignInManager.GetTwoFactorAuthenticationUserAsync() returns null. How can this happen? Are we doing something wrong?


4 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Can you set a break poing at SendSmsSecurityCode method to confirm that cookies are sent.

  • User Avatar
    0
    Johannes created

    The Identity.TwoFactorUserId cookie is included as seen here

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi @Johannes

    Can you share a simple project to reproduce this problem? liming.ma@volosoft.com

  • User Avatar
    0
    Johannes created

    We fixed it, it was a problem with multitenancy.

Made with ❤️ on ABP v9.1.0-preview. Updated on December 12, 2024, 07:15