Introduction
ASP.NET is a popular programming language used for building web applications. It provides a framework for developing dynamic websites, web services, and web applications. In this article, we will explore how to implement multifactor push authentication using Microsoft Authenticator in ASP.NET Core MVC.
What is Multifactor Push Authentication?
Multifactor authentication (MFA) is a security measure that requires users to provide multiple forms of identification to access a system or application. Push authentication is a type of MFA that sends a push notification to the user's mobile device, prompting them to approve or deny the login request.
Setting up ASP.NET Core MVC
To get started, let's create a new ASP.NET Core MVC project. Open Visual Studio and select “Create a new project.” Choose the ASP.NET Core Web Application template and select MVC as the project type. Click “Next” and provide a name and location for your project. Finally, click “Create” to create the project.
// ASP.NET Core MVC code goes here
Installing Microsoft.Identity.Web
To implement multifactor push authentication, we need to install the Microsoft.Identity.Web package. This package provides the necessary functionality to integrate with Microsoft Authenticator.
// Install Microsoft.Identity.Web package
dotnet add package Microsoft.Identity.Web
Configuring Authentication
Next, we need to configure authentication in our ASP.NET Core MVC application. Open the Startup.cs file and locate the ConfigureServices method. Add the following code to configure authentication:
// Configure authentication
services.AddAuthentication()
.AddMicrosoftIdentityWebApp(Configuration.GetSection("AzureAd"));
The above code configures the application to use Microsoft Identity Platform for authentication. It reads the configuration from the appsettings.json file, where we will define the AzureAd section.
Defining Azure AD Configuration
In the appsettings.json file, add the following configuration for Azure AD:
{
"AzureAd": {
"Instance": "https://login.microsoftonline.com/",
"ClientId": "YOUR_CLIENT_ID",
"TenantId": "YOUR_TENANT_ID"
}
}
Replace YOUR_CLIENT_ID and YOUR_TENANT_ID with your actual client ID and tenant ID obtained from the Azure portal.
Implementing Multifactor Push Authentication
Now, let's implement multifactor push authentication in our ASP.NET Core MVC application. Open the AccountController.cs file and locate the Login method. Add the following code to initiate the multifactor push authentication:
// Initiate multifactor push authentication
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
if (result.Succeeded)
{
var user = await _userManager.FindByEmailAsync(model.Email);
var token = await _userManager.GenerateTwoFactorTokenAsync(user, "AuthenticatorApp");
var providers = await _userManager.GetValidTwoFactorProvidersAsync(user);
if (providers.Contains("AuthenticatorApp"))
{
var pushResult = await _signInManager.SendTwoFactorCodeAsync("AuthenticatorApp");
if (pushResult.Succeeded)
{
return RedirectToAction("VerifyCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
}
}
}
The above code first performs the regular password-based authentication. If the authentication is successful, it generates a two-factor token for the user and checks if the Authenticator App is a valid two-factor provider. If it is, it sends a push notification to the user's device and redirects them to the VerifyCode action.
Verifying the Code
In the AccountController.cs file, locate the VerifyCode method. Add the following code to verify the code entered by the user:
// Verify the code entered by the user
var result = await _signInManager.TwoFactorSignInAsync("AuthenticatorApp", model.TwoFactorCode, model.RememberMe, rememberClient: false);
if (result.Succeeded)
{
return RedirectToLocal(returnUrl);
}
The above code verifies the code entered by the user using the TwoFactorSignInAsync method. If the verification is successful, it redirects the user to the original requested URL.
Conclusion
In this article, we have explored how to implement multifactor push authentication using Microsoft Authenticator in ASP.NET Core MVC. We started by setting up an ASP.NET Core MVC project and installing the necessary packages. Then, we configured authentication and implemented the multifactor push authentication flow. By following these steps, you can enhance the security of your ASP.NET Core MVC application by implementing multifactor push authentication.