Activities of "maliming"

Does the /Account/Manage page work?

Can you set up an authenticator?

Your account shouldn't enable 2FA without none provider

Thanks.

Which page? Please share a screenshot?

Does the /Account/Manage page work?

Can you add a breakpoint to see the values of return providers?

Thanks.

Thanks. I will check and fix it.

Great

hi

Try this version:

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(IdentityUserManager))]
public class MyIdentityUserManager : IdentityUserManager
{
    public MyIdentityUserManager(IdentityUserStore store,
        IIdentityRoleRepository roleRepository,
        IIdentityUserRepository userRepository,
        IOptions<IdentityOptions> optionsAccessor,
        IPasswordHasher<IdentityUser> passwordHasher,
        IEnumerable<IUserValidator<IdentityUser>> userValidators,
        IEnumerable<IPasswordValidator<IdentityUser>> passwordValidators,
        ILookupNormalizer keyNormalizer,
        IdentityErrorDescriber errors,
        IServiceProvider services,
        ILogger<IdentityUserManager> logger,
        ICancellationTokenProvider cancellationTokenProvider,
        IOrganizationUnitRepository organizationUnitRepository,
        ISettingProvider settingProvider,
        IDistributedEventBus distributedEventBus,
        IIdentityLinkUserRepository identityLinkUserRepository,
        IDistributedCache<AbpDynamicClaimCacheItem> dynamicClaimCache)
        : base(store, roleRepository, userRepository, optionsAccessor, passwordHasher, userValidators,
            passwordValidators, keyNormalizer, errors, services, logger, cancellationTokenProvider,
            organizationUnitRepository, settingProvider, distributedEventBus, identityLinkUserRepository,
            dynamicClaimCache)
    {
    }

    public override async Task<IList<string>> GetValidTwoFactorProvidersAsync(IdentityUser user)
    {
        var providers = await base.GetValidTwoFactorProvidersAsync(user);
        providers.RemoveAll(x => x == TokenOptions.DefaultEmailProvider || x == TokenOptions.DefaultPhoneProvider);
        if (!providers.Contains(TokenOptions.DefaultAuthenticatorProvider))
        {
            await Store.As<IUserAuthenticatorKeyStore<IdentityUser>>().SetAuthenticatorKeyAsync(user, GenerateNewAuthenticatorKey(), CancellationToken.None);
            user.SetAuthenticator(true);
            providers.Add(TokenOptions.DefaultAuthenticatorProvider);
        }
        return providers;
    }
}

hi

Can you share a higher-quality PNG?

Thanks.

hi

I will check and provide a solution.

Thanks.

hi

now the user has to have email verified by default, but if the user has not enabled TOTP, it still shows Two Factor Authentication page (which comes after login) with an empty list of providers, how do I solve this, maybe I need to override Two Factor Authentication page?

Why did this user enable two-factor authentication?

You can try to override the GetValidTwoFactorProvidersAsync method of IdentityUserManager

Remove email and phone from TwoFactorProviders, after that, you don't need to override the page.

Thanks.

using System;
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Identity;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options;
using Volo.Abp.Caching;
using Volo.Abp.DependencyInjection;
using Volo.Abp.EventBus.Distributed;
using Volo.Abp.Security.Claims;
using Volo.Abp.Settings;
using Volo.Abp.Threading;

namespace Volo.Abp.Identity;

[Dependency(ReplaceServices = true)]
[ExposeServices(typeof(IdentityUserManager))]
public class MyIdentityUserManager : IdentityUserManager
{
    public MyIdentityUserManager(IdentityUserStore store,
        IIdentityRoleRepository roleRepository,
        IIdentityUserRepository userRepository,
        IOptions<IdentityOptions> optionsAccessor,
        IPasswordHasher<IdentityUser> passwordHasher,
        IEnumerable<IUserValidator<IdentityUser>> userValidators,
        IEnumerable<IPasswordValidator<IdentityUser>> passwordValidators,
        ILookupNormalizer keyNormalizer,
        IdentityErrorDescriber errors,
        IServiceProvider services,
        ILogger<IdentityUserManager> logger,
        ICancellationTokenProvider cancellationTokenProvider,
        IOrganizationUnitRepository organizationUnitRepository,
        ISettingProvider settingProvider,
        IDistributedEventBus distributedEventBus,
        IIdentityLinkUserRepository identityLinkUserRepository,
        IDistributedCache<AbpDynamicClaimCacheItem> dynamicClaimCache)
        : base(store, roleRepository, userRepository, optionsAccessor, passwordHasher, userValidators,
            passwordValidators, keyNormalizer, errors, services, logger, cancellationTokenProvider,
            organizationUnitRepository, settingProvider, distributedEventBus, identityLinkUserRepository,
            dynamicClaimCache)
    {
    }

    public override async Task<IList<string>> GetValidTwoFactorProvidersAsync(IdentityUser user)
    {
        var providers = await base.GetValidTwoFactorProvidersAsync(user);
        providers.RemoveAll(x => x == TokenOptions.DefaultEmailProvider || x == TokenOptions.DefaultPhoneProvider);
        return providers;
    }
}

ok, please share the new Debug logs.

Thanks.

hi

You can consider copying the code from https://github.com/abpframework/abp/pull/22628/files and overriding the feature management module in your project.

The order of getting features is:

1. Tenant
2. Edition
3. Default

If the tenant has not assigned an edition and feature settings have been made on the tenant, these will persist when an edition is assigned (but the tenant will not receive the feature settings of the edition).

If a feature value exists at the tenant level(provide name T), it will not get a value from the edition.

Tenant's priority is more than Edition(provide name E).

When changing an edition on the tenant, all feature settings previously made on the tenant will be deleted.

No. It will not delete the tenant feature.

Thanks.