Open Closed

Add DUO Universal Prompt as another 2FA verification provider. #3953

User avatar
0
jeffbuot created
  • ABP Framework version: v6.0
  • UI type: Blazor Server
  • Project Template type: Microservice Solution
  • DB provider: EF Core / MongoDB
  • Tiered (MVC) or Identity Server Separated (Angular): yes

Hi,

Any help how can I achieve adding another 2FA verification provider in abp framework? I'm about to add DUO universal prompt from their web sdk like the sample here in github: https://github.com/duosecurity/duo_universal_csharp/tree/main/DuoUniversal.Example Add it as an added layer for authentication, I want to add logic like show only duo 2fa if user login for the first time or the 2fa token expires.

Go to accepted answer
2 Answer(s)
  • User Avatar
    0
    jeffbuot created

    Hi,

    It's been 5 days no response. Just wanted to know if this task was possible if not can I ask refund for this ticket? I'll just do research on my own.

  • User Avatar
    0
    liangshiwei created
    Support Team Fullstack Developer

    Hi,

    Sorry, we are late,

    I think it's possible,but I don't know much about DUO Universal Prompt, It looks like a 3rd party 2FA verification server.

    You can customise the login model of the account pro module, and redirect to DUO Universal Prompt if the user needed.

    For example:

    public class MoLoginModel : LoginModel
{
    public MoLoginModel(IAuthenticationSchemeProvider schemeProvider, IOptions<AbpAccountOptions> accountOptions, IAbpRecaptchaValidatorFactory recaptchaValidatorFactory, IAccountExternalProviderAppService accountExternalProviderAppService, ICurrentPrincipalAccessor currentPrincipalAccessor, IOptions<IdentityOptions> identityOptions, IOptionsSnapshot<reCAPTCHAOptions> reCaptchaOptions) : base(schemeProvider, accountOptions, recaptchaValidatorFactory, accountExternalProviderAppService, currentPrincipalAccessor, identityOptions, reCaptchaOptions)
    {
    }

    protected override async Task<IActionResult> CheckLocalLoginAsync()
    {
        var result =  await base.CheckLocalLoginAsync();
        if (result != null)
        {
            return result;
        }
        
         //get the user to check if need to redirect
         var user = await UserManager.FindByNameAsync(LoginInput.UserNameOrEmailAddress);
         return await RedirectToDuoUniversal();
    }

    protected async Task<IActionResult> RedirectToDuoUniversal()
    {
        .....
    }
}

    Anyway, your ticket refunded.

Assignee
No one
Labels
ui-blazor db-efcore db-mongo tiered
Made with ❤️ on ABP v8.2.0-preview Updated on March 25, 2024, 15:11