IMK
Reputation: 718
How to use two factor authorization cookie along with single factor authorization cookie
I have a web application with singe factor authorization and now have implemented two-factor authorization. I am using the Microsoft Identity for the log-in. The problem is - so far we have used a cookie to remember the user while providing the username and password. Say that as 'signglefactorcookie'. Now on the authenticator application authorization page(TFA), I have added another cookie for the remember me option. Say that as 'twofactorcookie'. Now how can I make my client request for both cookies when I use the below code?
// Check whether there is a valid session or persistent cookie
if(this.User.Identity.IsAuthenticated){
// Move to a landing page
}
Problem scenario
- Now the problem is, if I log in to the single-factor authentication page with the correct user name and password and land at the two-factor authentication page.
- Open a new tab and try to access the home page getting success since there is a single factor cookie that is recognized which makes the user authorized.
How can I make it in a standard way?
Upvotes: 0
Views: 569
Answers (0)
Related Questions
- ASP.NET Core 2.0 combining Cookies and Bearer Authorization for the same endpoint
- ASP.NET Core Using Multiple Authentication Methods
- ASP.NET Core - Using multiple authentication methods
- How can I combine external logins and two-factor authentication in ASP.NET Core Identity?
- Multiple authentication schemes in ASP.NET Core
- Combining cookie and token authentication in ASP.NET Core
- Multiple authentication methods in asp.Net core 2.2
- How can I use both Bearer and Cookie authentication in my ASP.net Core application?
- add multiple cookie schemes in aspnet core 2
- Two authentication cookies in ASP.NET Core Identity