PasswordSignInAsync returning Success instead of RequiresVerification - asp.net-mvc-5

I'm trying to set up Two Factor Authentication on our app. Updated a user in AspNetUsers table and set its TwoFactorEnabled value to 1 for testing.
While debugging, signInManager.PasswordSignInAsync returns just "success", not "requires verification".
This is the line
signInStatus = await signInManager.PasswordSignInAsync(viewModel.Email, viewModel.Password, true, shouldLockout: false);
(Similar questions are generally answered as first value should be name instead of email but I don't think it's the issue. Login works correctly, for example if password is wrong it returns failure.)
I added the line below to Startup.Auth.cs too
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(10));
I'm still able to work with what I have like this (though I don't want to)
if (signInStatus == SignInStatus.Success && user.TwoFactorEnabled == true)
{
//rest of code to be written
}
but this feels too makeshift of a solution and feels prone to many future errors. I'd prefer using Identity but I can't at the moment because of this problem.
It is obvious I'm doing something wrong or missing something but I don't know what. Thanks in advance.

I found my solution by copying the SignInManager code directly into mine and stepping through it, you can learn more about that here: https://stackoverflow.com/a/52357870/550975

SignInManager returns RequiresVerification if:
in dbo.AspNetUsers the user has TwoFactorEnabled and EmailConfirmed set to true; the user's email should be confirmed, and the email must not be empty or null.
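
The check behind the answers above, as an added diagnostic that is not part of the original posts or of ASP.NET Identity: in Identity 2.x, PasswordSignInAsync returns RequiresVerification only when TwoFactorEnabled is set, at least one registered two-factor provider is valid for the user, and the browser is not remembered; in every other case it returns Success. TwoFactorDiagnostics and ExplainAsync are hypothetical names, and a string-keyed user as in the default MVC 5 template is assumed.

```csharp
using System.Collections.Generic;
using System.Threading.Tasks;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.Owin;
using Microsoft.Owin.Security;

// Added diagnostic (hypothetical helper, not part of ASP.NET Identity).
// It repeats the conditions SignInManager evaluates after the password check
// and lists every one that makes PasswordSignInAsync skip the second factor.
public static class TwoFactorDiagnostics
{
    public static async Task<IList<string>> ExplainAsync<TUser>(
        SignInManager<TUser, string> signInManager, string userName)
        where TUser : class, IUser<string>
    {
        var reasons = new List<string>();
        var users = signInManager.UserManager;

        // PasswordSignInAsync looks the account up by UserName, not by Email.
        var user = await users.FindByNameAsync(userName);
        if (user == null)
        {
            reasons.Add("No account has this UserName.");
            return reasons;
        }

        // Condition 1: the TwoFactorEnabled column.
        if (!await users.GetTwoFactorEnabledAsync(user.Id))
            reasons.Add("TwoFactorEnabled is false for this user.");

        // Condition 2: a provider must be registered with
        // RegisterTwoFactorProvider and be usable for this user. The stock
        // email and phone providers require a non-empty, confirmed address
        // or number.
        var providers = await users.GetValidTwoFactorProvidersAsync(user.Id);
        if (providers.Count == 0)
            reasons.Add("No valid two-factor provider (none registered, or " +
                        "email/phone is empty or unconfirmed).");

        // Condition 3: a 'remember this browser' cookie skips the challenge.
        if (await signInManager.AuthenticationManager
                .TwoFactorBrowserRememberedAsync(user.Id))
            reasons.Add("This browser carries a two-factor remember-me cookie.");

        // An empty list means RequiresVerification is the expected result.
        return reasons;
    }
}
```

Calling this next to the login action while debugging shows which condition turns an account with TwoFactorEnabled set into a password-only sign-in.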

Related

Adding integers with the eval function is returning an error. (Nodejs)

Please don't ask me not to use eval, this isn't going to be public anyways.
I've made a chatting website, and I have implemented a "!eval" command (admin only), whatever is after it is run. I can use "!eval '2'+'2'" (Strings added), but not "!eval 2+2." The error returned is .
I've console.logged the input to the eval, and it returned exactly what I wanted: "1+1." I've looked around for this, but it seems like no one else had this problem before. A solution (more like a debugging one) is that I tried "eval('1+1')" and returned the same error. Any thoughts? Thanks in advance.
(I forgot to add what I was expecting)
I was expecting this.
VLAZ pointed out in the comments that it must be another piece of code, and he is correct. I was encrypting the messages so it can be sent securely to the client, and it only takes a string. I added
if (typeof(results) != 'string'){
results = String(results)
}
and it seemed to work, Thanks!

GroceryCRUD display_as not working

I have an issue with the display_as.
I followed the example
$crud->display_as('lastName','Last Name');
$crud->display_as('firstName','First Name');
$crud->display_as('jobTitle','Job Title');
But the name does not change.
Does this have something to do with the
application\libraries\Grocery_CRUD.php
where
protected $display_as = array();
Since it is protected and I have written my code in a public function?
I have been reading a lot but can't find anything about this.
Grateful for any help.
Thanks
public function employees_example()
{
$crud = new grocery_CRUD();
$crud->set_table('employees');
$crud->columns('lastName','firstName','email','jobTitle');
$crud->fields('lastName','firstName','extension','email','jobTitle');
$crud->display_as('lastName','Last Name');
$crud->display_as('firstName','First Name');
$crud->display_as('jobTitle','Job Title');
$output = $crud->render();
$this->_example_output($output);
}
but it does not change the display_as names
Well my friend, that protected variable declaration you saw in the code is the part of the code - the variable is protected, not the function. If you find in the code - the function is not protected.
It is hard to believe that the function ain't working unless you have done some personal alterations to the same. That is the base functionality that has existed for years and is working perfectly fine.
The only scenario where it might not work is in case you have specified your own set of fields / columns and that does not include those fields; in that case it will not work.
For a proper answer, I recommend you put up the code some place - the whole of the code for the method - along with the table structure. That will help one identify where and what the issue is and how we can reach a proper solution.

symfony2 get firewall name on login page

I'd want to use a login page to access different firewalls, so I need to get information about the firewall I'm logging in.
In my controller I'd use
$this->container->get('security.context')->getToken()->getProviderKey()
but as an anonymous user I don't have access to getProviderKey method.
I could also parse
_security.xxx.target_path
to get xxx firewall but I'm looking for a more general solution if it exists at all.
Any idea?
As of symfony 3.2, you can now get the current firewall configuration using the following:
public function indexAction(Request $request)
{
$firewall = $this->container
->get('security.firewall.map')
->getFirewallConfig($request)
->getName();
}
Ref: http://symfony.com/blog/new-in-symfony-3-2-firewall-config-class-and-profiler
For Symfony 3.4 I wrote this to avoid referencing the non-public "security.firewall.map" service:
$firewallName = null;
if (($firewallContext = trim($request->attributes->get("_firewall_context", null))) && (false !== ($firewallContextNameSplit = strrpos($firewallContext, ".")))) {
$firewallName = substr($firewallContext, $firewallContextNameSplit + 1);
}
(Referencing "security.firewall.map" on 3.4 will throw an exception.)
Edit: This will not work in a custom exception controller function.
I was doing a little research on this myself recently so that I could send this information in an XACML request as part of the environment.
As far as I can tell from GitHub issues like this one:
https://github.com/symfony/symfony/issues/14435
There is currently no way to reliably get the information out of Symfony except the dirty compiler pass hack suggested on the linked issue. It does appear from the conversation on these issues, they are working on making this available, however, the status is still open, so we will have to be patient and wait for it to be provided.
#Adambean's answer is pretty elegant, but I'd write it as a one-liner:
$firewallName = array_slice(explode('.', trim($request->attributes->get('_firewall_context'))), -1)[0];
The difference is that $firewallName will always be a string (which may be empty).
Also, please note that this answer (like #Adambean's) doesn't work for a firewall with a dot in its name.

ResolvePrincipal vs SearchPrincipal

So I'm attempting to write something to mimic SharePoint's people picker. I was originally using Utility.ResolvePrincipal with some success, but it was only returning me a single user (obviously). So, I tried to use Utility.SearchPrincipals. Only that's not returning me anything. Here's what I have:
var user = Utility.ResolvePrincipal(_clientContext, _clientContext.Web, nameStart, PrincipalType.User, PrincipalSource.All, null, false);
var users = Utility.SearchPrincipals(_clientContext, _clientContext.Web, nameStart, PrincipalType.User, PrincipalSource.All, null, 10);
_clientContext.ExecuteQuery();
At this point, user.Value has a single user, and users is an empty list. What am I doing wrong?
I eventually solved the issue by changing the PrincipalSource.All call in Utility.SearchPrincipals to just PrincipalSource.UserInfoList. Apparently it was running into some security issue in one of the sets of users, and instead of throwing an error it was just returning an empty list.

"immediate_failed" - Could not automatially log in the user

I have a problem when I developed my website with Google+ sign-in:
I did step by step what the doc told me, but I always failed at step 4:
https://developers.google.com/+/web/signin/
The result was always ""immediate_failed" - Could not automatially log in the user". I just don't know why. Can anyone help me? Thanks very much! :-(
Note that in the sample code you pointed to, the "immediate_failed" check is commented out. This is intentional, since the first time a user encounters the Sign-in button on the page, it will fail.
The reason it fails is that when the page first loads, before the user even presses the button, a request is sent to Google to determine if the user has already logged in (via Google or another site, for example). If they are - there is no need for them to log in again, so the button never needs to be shown. But if they have not been logged in already, you will get the "immediate_failed" response, and will need to either show (or not clear) the button.
tl;dr - Don't worry about getting immediate_failed when the page first loads. This is normal.
As a workaround I use gapi.auth.authorize method in the gapi.auth.signIn callback. Here is my code:
gapi.auth.signIn({
'callback': gPlusLoginCallback
});
function gPlusLoginCallback(authResult) {
if (authResult['status']['signed_in']) {
doSmth(authResult['access_token']);
} else if (authResult['error'] == "immediate_failed") {
gapi.auth.authorize({
client_id: gplusClientId,
scope: 'https://www.googleapis.com/auth/plus.login email',
immediate: true
}, function (authRes) {
if (authRes['status']['signed_in']) {
doSmth(authRes['access_token']);
}
});
}
}
function doSmth(accessToken){
//Do smth
}
Change this setting, "immediate: true", to be false: "immediate: false".
But if you'd like to make a more complex implementation, look at the first sample here: https://developers.google.com/api-client-library/javascript/start/start-js. You have two calls to Google's "gapi.auth.authorize({...", the first one with "immediate: true", and the second one with "immediate: false".
The question is old but I faced this issue recently.
In my case, it was because I specified the URI parameter prompt to none. I guess Google doesn't like that if the user has never been logged to your platform before.
Whenever I changed that to consent or totally removed it, it worked great.
In my case, the error was because of explicitly specifying the authorization parameter prompt to 'none', similar to a previous answer.
It worked for me by specifying prompt=None or, as per the official docs, you may skip this parameter.
