我已经设置了2fa,但它总是说无效的代码。
我已经用.NET Core 2.1和2.2尝试过,但它总是说来自Google以及Microsoft身份验证器的无效代码。
启用身份验证器.cshtml
<p>Scan the QR Code or enter this key <kbd>@Model.SharedKey</kbd>
into your two factor authenticator app. Spaces and casing do not matter.
</p>
<div class="alert alert-info">To enable QR code generation please
read our <a href="https://go.microsoft.com/fwlink/?
Linkid=852423">documentation</a>.</div>
<div id="qrCode"></div>
<div id="qrCodeData" data-
url="@Html.Raw(@Model.AuthenticatorUri)"></div>
//Js in Enable Authenticator.cshtml
@section Scripts {
<partial name="_ValidationScriptsPartial" />
<script type="text/javascript" src="~/lib/qrcode.js"></script>
<script type="text/javascript">
new QRCode(document.getElementById("qrCode"),
{
text: "@Html.Raw(Model.AuthenticatorUri)",
width: 200,
height: 200
});
</script>
//Enable Authenticator.cshtml.cs
var user = await _userManager.GetUserAsync(User);
if (user == null)
{
return NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
}
if (!ModelState.IsValid)
{
await LoadSharedKeyAndQrCodeUriAsync(user);
return Page();
}
// Strip spaces and hypens
var verificationCode = Input.Code.Replace(" ", string.Empty).Replace("-", string.Empty);
var is2faTokenValid = await _userManager.VerifyTwoFactorTokenAsync(
user, _userManager.Options.Tokens.AuthenticatorTokenProvider, verificationCode);
if (!is2faTokenValid)
{
ModelState.AddModelError("Input.Code", "Verification code is invalid.");
await LoadSharedKeyAndQrCodeUriAsync(user);
return Page();
}
await _userManager.SetTwoFactorEnabledAsync(user, true);
var userId = await _userManager.GetUserIdAsync(user);
_logger.LogInformation("User with ID '{UserId}' has enabled 2FA with an authenticator app.", userId);
StatusMessage = "Your authenticator app has been verified.";
if (await _userManager.CountRecoveryCodesAsync(user) == 0)
{
var recoveryCodes = await _userManager.GenerateNewTwoFactorRecoveryCodesAsync(user, 10);
RecoveryCodes = recoveryCodes.ToArray();
return RedirectToPage("./ShowRecoveryCodes");
}
else
{
return RedirectToPage("./TwoFactorAuthentication");
}
我想设置身份验证,但它的代码总是无效。
我也有同样的情况,这是由主机上的时间引起的,我的电脑和测试环境都与我的手机相差 2 分钟。time.windows.com不可用于时间同步。
我知道这是一个较旧的话题,但我遇到了同样的问题。
最后,我的_userManager.Options.Tokens.AuthenticatorTokenProvider被错误地设置为"电子邮件",来自一些通过电子邮件执行2fa的旧代码。
因此,请确保 _userManager.Options.Tokens.AuthenticatorTokenProvider 未更改(默认为"身份验证器")
也许它会帮助某人!