Asp net core mvc using multifactor push auth with microsoft authenticator

Introduction

ASP.NET is a popular programming language used for building web applications. It provides a framework for developing dynamic websites, web services, and web applications. In this article, we will explore how to implement multifactor push authentication using Microsoft Authenticator in ASP.NET Core MVC.

What is Multifactor Push Authentication?

Multifactor authentication (MFA) is a measure that requires users to provide multiple forms of identification to access a system or application. Push authentication is a type of MFA that sends a push notification to the user's mobile device, prompting them to approve or deny the login request.

Setting up ASP.NET Core MVC

To get started, let's create a new ASP.NET Core MVC project. Open Visual Studio and select “Create a new project.” Choose the ASP.NET Core Web Application template and select MVC as the project type. Click “Next” and provide a name and location for your project. Finally, click “Create” to create the project.


// ASP.NET Core MVC code goes here

Installing Microsoft.Identity.Web

To implement multifactor push authentication, we need to install the Microsoft.Identity.Web package. This package provides the necessary functionality to integrate with Microsoft Authenticator.


// Install Microsoft.Identity.Web package
dotnet add package Microsoft.Identity.Web

Configuring Authentication

Next, we need to configure authentication in our ASP.NET Core MVC application. Open the Startup.cs file and locate the ConfigureServices . Add the following code to configure authentication:


// Configure authentication
services.()
    .AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));

The above code configures the application to use Microsoft Identity for authentication. It reads the configuration from the appsettings.json file, where we will define the AzureAd .

Defining Azure AD Configuration

In the appsettings.json file, add the following configuration for Azure AD:


{
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "ClientId": "YOUR_CLIENT_ID",
    "TenantId": "YOUR_TENANT_ID"
  }
}

Replace YOUR_CLIENT_ID and YOUR_TENANT_ID with your actual client ID and tenant ID obtained from the Azure portal.

Implementing Multifactor Push Authentication

Now, let's implement multifactor push authentication in our ASP.NET Core MVC application. Open the AccountController.cs file and locate the Login method. Add the following code to initiate the multifactor push authentication:


// Initiate multifactor push authentication
var result = await _signInManager.PasswordSignInAsync(.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
    var user = await _userManager.FindByEmailAsync(model.Email);
    var token = await _userManager.GenerateTwoFactorTokenAsync(user, "AuthenticatorApp");
    var providers = await _userManager.GetValidTwoFactorProvidersAsync(user);
    if (providers.Contains("AuthenticatorApp"))
    {
        var pushResult = await _signInManager.SendTwoFactorCodeAsync("AuthenticatorApp");
        if (pushResult.Succeeded)
        {
            return RedirectToAction("VerifyCode", new {  = returnUrl, RememberMe = model.RememberMe });
        }
    }
}

The above code first performs the password-based authentication. If the authentication is successful, it generates a two- token for the user and checks if the Authenticator App is a valid two-factor provider. If it is, it sends a push notification to the user's device and redirects them to the VerifyCode action.

Verifying the Code

In the AccountController.cs file, locate the VerifyCode method. Add the following code to verify the code entered by the user:


// Verify the code entered by the user
var result = await _signInManager.TwoFactorSignInAsync("AuthenticatorApp", model.TwoFactorCode, model.RememberMe, rememberClient: false);
if (result.Succeeded)
{
    return RedirectToLocal(returnUrl);
}

The above code verifies the code entered by the user using the TwoFactorSignInAsync method. If the is successful, it redirects the user to the original requested URL.

Conclusion

In this article, we have explored how to implement multifactor push authentication using Microsoft Authenticator in ASP.NET Core MVC. We started by setting up an ASP.NET Core MVC project and installing the necessary packages. Then, we configured authentication and implemented the multifactor push authentication flow. By following these steps, you can enhance the security of your ASP.NET Core MVC application by implementing multifactor push authentication.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *

Table of Contents