Project

Two Factor Authentication

ASP.NET Zero is ready to provide two factor login, but it's disabled as default. You can easily enable it in host settings page (in Security tab):

Note: In a multi-tenant application, two factor authentication is available to tenants only if it's enabled in the host settings. Also, email verification and SMS verification settings are only available in the host side. This is by design.

When it's enabled, user is asked to select a verification provider after entering user name and password:

Send security code

Then a confirmation code is sent to the selected provider and user enters the code in the next page:

Verify security code

Email Verification

This is available if user has a confirmed email address. Since email sending is disabled in debug mode, you can see the code in logs. In release mode, email will be sent (You can change this from server side).

SMS Verification

This is available if user has a confirmed phone number. SMS sending is not implemented actually (because it requires an integration to an SMS vendor). Current implementation just writes security code to logs. You should complete SmsSender class in the server side to make it usable. Otherwise, disable SMS verification in the settings.

Twilio Integration

In order to enable Twilio integration, just uncomment the following line in your CoreModule (in your Core project):

Configuration.ReplaceService<ISmsSender,TwilioSmsSender>();

You also need to configure AccountSid, AuthToken and SenderNumber in appsetting.json file.

Next

Contributors


Last updated: March 27, 2019 Edit this page on GitHub
In this document