locked
Enabling/Disabling Two-Factor Authentication for ApplicationUser is not Persisted in the SQL Server Database RRS feed

  • Question

  • User107954528 posted

    I am implementing two-factor authentication in an ASP.NET Web Forms project. This has been successfully implemented and works. The two-factor code is sent out by e-mail. The number is entered in the web page. The user is signed in and authenticated.

    Lock out after too many failed login attempts has been implemented and works. I can see data being written to the AspNetUsers database table.

    I would like the user to be able to enable or disable two-factor authentication. The user clicks a check box. The following lines of code execute without error:

    UserManager manager = new UserManager();
    ApplicationUser user = new ApplicationUser();

    user = manager.FindByName(sUserName);

    user.TwoFactorEnabled = cbxTwoFactorAuthentication.Checked;

    However, the bit in the TwoFactorEnabled column of the AspNetUsers table never changes value.  

    Friday, October 25, 2019 3:49 PM

Answers

  • User107954528 posted

    To enable or disable two-factor authentication use:  

    var resultEnaDis2FA = manager.SetTwoFactorEnabled(user.Id, cbxTwoFactorAuthentication.Checked);

    not 

    user.TwoFactorEnabled = cbxTwoFactorAuthentication.Checked; 

    The line of code 

    var resultEnaDis2FA = manager.SetTwoFactorEnabled(user.Id, cbxTwoFactorAuthentication.Checked);

    will persist the change in the database (column TwoFactorEnabled in table AspNetUsers).  

    This issue is solved.  

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Friday, October 25, 2019 5:08 PM