Open Closed

Only SMS as 2FA provider - disable email provider #4444


User avatar
0
ageiter created
  • ABP Framework version: v7.0.1
  • UI type: Blazor Server
  • DB provider: EF Core

We use the two factor authentication. It works perfectly via email and SMS. But we want to force the user to do the verification via phone. He should not see the dropdown "Selected provider". How can I do this?


12 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    You can exclude the email by overriding these methods.

    account/src/Volo.Abp.Account.Pro.Public.Application/Volo/Abp/Account/AccountAppService.cs

  • User Avatar
    0
    ageiter created

    Thank you very much. Overwriting GetTwoFactorProvidersAsync worked.

    What do I have to overwrite to get rid of the dropdown (LeptonX 2.0.0)?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

  • User Avatar
    0
    ageiter created

    Thanks.

    By the way, if I enter the phone number in a wrong format (e.g. without country code), this generates an internal error.

    Can you please implement the validation of the format?

    2023-01-30 10:30:29.439 +01:00 [INF] Executing endpoint 'Volo.Abp.Account.AccountController.SendPhoneNumberConfirmationTokenAsync (Volo.Abp.Account.Pro.Public.HttpApi)'
    2023-01-30 10:30:29.439 +01:00 [INF] Route matched with {area = "account", action = "SendPhoneNumberConfirmationToken", controller = "Account", page = ""}. Executing controller action with signature System.Threading.Tasks.Task SendPhoneNumberConfirmationTokenAsync(Volo.Abp.Account.SendPhoneNumberConfirmationTokenDto) on controller Volo.Abp.Account.AccountController (Volo.Abp.Account.Pro.Public.HttpApi).
    2023-01-30 10:30:29.478 +01:00 [DBG] Added 0 entity changes to the current audit log
    2023-01-30 10:30:30.351 +01:00 [ERR] ---------- RemoteServiceErrorInfo ----------
    {
      "code": null,
      "message": "Bei Ihrer Anfrage ist ein interner Fehler aufgetreten!",
      "details": null,
      "data": {},
      "validationErrors": null
    }
    
    2023-01-30 10:30:30.351 +01:00 [ERR] The 'To' number 0551112233 is not a valid phone number.
    Twilio.Exceptions.ApiException: The 'To' number 0551112233 is not a valid phone number.
       at Twilio.Clients.TwilioRestClient.ProcessResponse(Response response)
       at Twilio.Clients.TwilioRestClient.RequestAsync(Request request)
       at Twilio.Rest.Api.V2010.Account.MessageResource.CreateAsync(CreateMessageOptions options, ITwilioRestClient client)
       at Twilio.Rest.Api.V2010.Account.MessageResource.CreateAsync(PhoneNumber to, String pathAccountSid, PhoneNumber from, String messagingServiceSid, String body, List`1 mediaUrl, Uri statusCallback, String applicationSid, Nullable`1 maxPrice, Nullable`1 provideFeedback, Nullable`1 attempt, Nullable`1 validityPeriod, Nullable`1 forceDelivery, ContentRetentionEnum contentRetention, AddressRetentionEnum addressRetention, Nullable`1 smartEncoded, List`1 persistentAction, ITwilioRestClient client)
       at Volo.Abp.Sms.Twilio.TwilioSmsSender.SendAsync(SmsMessage smsMessage)
       at Volo.Abp.Account.Phone.AccountPhoneService.SendConfirmationCodeAsync(IdentityUser user, String confirmationToken)
       at Volo.Abp.Account.AccountAppService.SendPhoneNumberConfirmationTokenAsync(SendPhoneNumberConfirmationTokenDto input)
       at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
       at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
       at Volo.Abp.Authorization.AuthorizationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
       at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
       at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
       at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
       at Volo.Abp.GlobalFeatures.GlobalFeatureInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
       at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
       at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
       at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
       at Volo.Abp.Auditing.AuditingInterceptor.ProceedByLoggingAsync(IAbpMethodInvocation invocation, AbpAuditingOptions options, IAuditingHelper auditingHelper, IAuditLogScope auditLogScope)
       at Volo.Abp.Auditing.AuditingInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
       at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
       at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
       at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
       at Volo.Abp.Validation.ValidationInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
       at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
       at Castle.DynamicProxy.AsyncInterceptorBase.ProceedAsynchronous(IInvocation invocation, IInvocationProceedInfo proceedInfo)
       at Volo.Abp.Castle.DynamicProxy.CastleAbpMethodInvocationAdapter.ProceedAsync()
       at Volo.Abp.Uow.UnitOfWorkInterceptor.InterceptAsync(IAbpMethodInvocation invocation)
       at Volo.Abp.Castle.DynamicProxy.CastleAsyncAbpInterceptorAdapter`1.InterceptAsync(IInvocation invocation, IInvocationProceedInfo proceedInfo, Func`3 proceed)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.&lt;InvokeNextActionFilterAsync&gt;g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.&lt;InvokeInnerFilterAsync&gt;g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
       at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.&lt;InvokeNextExceptionFilterAsync&gt;g__Awaited|26_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
    
  • User Avatar
    0
    ageiter created

    hi

    Can you help me find the source code of the file "SendSecurityCode.cshtml"? (or post the sourcecode instead of the screenshot).

    And where do I have to paste the file to make it work?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    abp/account/src/Volo.Abp.Account.Pro.Public.Web/Pages/Account/SendSecurityCode.cshtml

    Twilio.Exceptions.ApiException: The 'To' number 0551112233 is not a valid phone number.

    You can override the CheckPhoneNumber method of AccountAppService .

    protected virtual void CheckPhoneNumber(IdentityUser user)
    {
        if (string.IsNullOrEmpty(user.PhoneNumber))
        {
            throw new BusinessException("Volo.Account:PhoneNumberEmpty");
        }
        
        // Add more rules
    }
    
  • User Avatar
    0
    ageiter created

    Thank you maliming. That works great.

    Whats about my other question about the "SendSecurityCode.cshtml"?

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    Whats about my other question about the "SendSecurityCode.cshtml"?

    abp/account/src/Volo.Abp.Account.Pro.Public.Web/Pages/Account/SendSecurityCode.cshtml

    abp get-source Volo.Account.Pro

  • User Avatar
    0
    ageiter created

    I have found the file, thank you. Now there is only the last problem: where do I have to insert it so that the view is overwritten? It didn't work under Themes\LeptonX\Layouts\Account

  • User Avatar
    0
    maliming created
    Support Team Fullstack Developer

    hi

    XXX.Web/Pages/Account/MySendSecurityCode.cshtml XXX.Web/Pages/Account/MySendSecurityCode.cshtml.cs

  • User Avatar
    0
    ageiter created

    I don't have a "... .Web" project, it's a Blazor Server solution and not MVC.... But there must be a way to override these MVC pages in Blazor too, right?

  • User Avatar
    0
    ageiter created

    I don't have a "... .Web" project, it's a Blazor Server solution and not MVC.... But there must be a way to override these MVC pages in Blazor too, right?

    It seems to work under XXX.Blazor/Pages/Account

Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11