Home > Software design >  Google Authenticator 2FA returning True always
Google Authenticator 2FA returning True always

Time:12-17

I'm using the GoogleAuthenticator nuget package for 2FA authentication in an ASP.NET application. The issue being that the function ValidateTwoFactorPIN always returns true even when the authenticator app has already changed TOTP code. TwoFactorSetupRequest printed in console

public TwoFactorSetupResponse Enable(string email)
        {
            var accountSecretKey = $"{SecretCode}-{email}";
            var setupInfo = _twoFactorAuthenticator.GenerateSetupCode("App", email, Encoding.ASCII.GetBytes(accountSecretKey));

            return new TwoFactorSetupResponse()
            {
                Account = setupInfo.Account,
                ManualEntryKey = setupInfo.ManualEntryKey,
                QrCodeSetupImageUrl = setupInfo.QrCodeSetupImageUrl,
            };
        }

        public bool IsCodeValid(string email, string code)
        {
            var accountSecretKey = $"{SecretCode}-{email}";
            return _twoFactorAuthenticator.ValidateTwoFactorPIN(accountSecretKey, code);
        }

CodePudding user response:

That package's default drift tolerance is five minutes, so either test with smaller tolerance or wait until the tolerance window has passed.

Page link:https//www.codepudding.com/Softwaredesign/231122.html

Prev:Modify an old JQuery script to select a specific number of checkboxes
Next:Angular and .Net Core Project VS 2022: An unhandled exception occurred: Project 'Leon\AppData
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding