How to set up two factor authentication in .Net application using FreeOTP?
I want to use two factor authentication during login or somewhere else like approvals etc. looking for the sample code or article which can guide me how to apply in application. thanks
here is the link for info about FreeOTP Authentication
https://freeotp.github.io/
I'm also searching these days for a solution to integrate Google Authenticator and FreeOTP in ASP.NET Identity.
FreeOTP writes on their page (https://freeotp.github.io):
FreeOTP implements open standards: HOTP and TOTP. This means that no proprietary server-side component is necessary
So you can use any free OTP nuget package - and you can serve both Google Authenticator and FreeOTP as well. For example: https://www.nuget.org/packages/OtpSharp/
Example for ASP.NET Identity 2.0
I have found an example on the microsoft docs (https://learn.microsoft.com/en-us/aspnet/identity/overview/features-api/two-factor-authentication-using-sms-and-email-with-aspnet-identity#enabling-2fa) and they are referring there to an interesting tutorial:
https://www.jerriepelser.com/blog/using-google-authenticator-asp-net-identity/
In this tutorial they are using "OtpSharp" to integrate the google authenticator. It should work in the same way for FreeOTP (but I havn't tested it).
Related
I try to create authentication and authorization for my single page web-api project.
For this purpose I red this cool article from Taiseer Joudeh.
But the problem is that in my project I have database with tables and I want to adopt OWIN to work with my existing tables.
Maybe someone knows useful article or post on which I can rely for this subject?
You need to be looking at creating a custom Identity storage provider. Read the following as a starting point: https://www.asp.net/identity/overview/extensibility/overview-of-custom-storage-providers-for-aspnet-identity.
There is no LinkedIn-specific library from Microsoft like Microsoft.AspNet.Authentication.Facebook. The third party libraries I tried are designed for ASP.NET4.5.
I also waiting for middleware for LinkedIn authentication from aspnet team, but look like they have no plans to create it - read LinkedIn Authentication and Will we have a Authentication.LinkedIn.
#Tratcher wrote:
No, but there's a comunity implementation available here: aspnet-contrib/AspNet.Security.OAuth.Providers
You can try this one above and please let me know if it's working well, please.
Also You can create middleware yourself based on generic OAuth middleware...
Check aspnet/Security repo on GitHub, and read LinkedIn Authenticating with OAuth 2.0 article.
As Lukasz pointed out, you can use the LinkedIn provider in the https://github.com/aspnet-contrib/AspNet.Security.OAuth.Providers project. I wrote that provider and it is just a thin layer on top of the built-in generic OAuth2 provider.
It you want to use the generic OAuth2 provider directly, you can also look at this blog post which takes you step-by-step through the entire process:
https://auth0.com/blog/2016/06/13/authenticating-a-user-with-linkedin-in-aspnet-core/
I am an admin of a Facebook Page. Now it want to involve it in my MVC Project. I was wondering if it is possible to :
1)fetch its data (such as profile pic ,about,events,who is attending etc) from fb and showing it in my ASP MVC View.
2) involve all the features provided by fb (to the page)in MVC project. e.g. creating an event, adding photos and videos.
3) is there any way to Authorize forms via fb authentication.
if this is achivable how should i proceed? what are the prerequisites?
any blog/link/tutorial/study material for this?
Facebook has a clean API you can use to integrate it into your applications. It's called the Graph API, they have the docs on their site:
http://developers.facebook.com/docs/coreconcepts/
The Graph API is designed to perform various operations, if something is to be done, it can be done via the Graph API.
As for the authentication, yes, it's fairly simple, Facebook implements the OAuth2 protocol. Just google on "C# OAuth2 Facebook" or something similar and you will get links to complete tutorials.
The docs from Facebook team are here:
http://developers.facebook.com/docs/authentication/server-side/
I'm familiar with ASP.NET Membership, Profile, forms auth, etc., as well as OpenId/OAuth. However, I haven't found a great resource on rolling together a really smart, modern OpenId-enabled login and profile system similar to what StackExchange does. Is there a package or template that adds in StackExchange-like authentication and profiles? Ideally, what I'm looking for has these features:
NuGet installation into an existing MVC project OR a starter template for MVC
Allows authentication with OpenId, FaceBook, Twitter, or in-site with a clean UI
Allows associating FaceBook and Twitter OAuth with an existing account that may or may not use OpenId.
Allows merging and modifying multiple authentication methods, similar to the way StackOverlow does if you log in with multiple methods.
DotNetOpenAuth comes close, but still relies on a developer to handle the more complex cases of merging logins and associating OAuth tokens with users. It seems like there would be a good base template or package by now that gives you a full modern authentication story fairly quickly.
Maybe StackId could be useful. It's built on top of DotNetOpenAuth by StackExchange team.
You can find its description in the list of StackExcnage open source projects. But it doesn't have Nuget package.
My company uses Google Apps for our e-mail/business app provider. Every employee has an account here.
I'm looking into creating an asp.net web app that would allow users to sign-in (using their Google Apps account) and then accomplish certain things (first goal: keep a current record of the employee's skillset).
Before I get started, I wanted to find out if an OpenID login system using Google Apps is any more difficult than doing it the standard way, or if I need to be aware of any pitfalls.
We have one domain, and the only requirement would be that the user has an open account that exists.
Thanks in advance for your thoughts on this!
I have slides for you from a talk I gave a month ago: Google Apps Account As OpenID
http://www.slideshare.net/timdream/google-apps-account-as-openid
Basically there are two ways of doing this.
Follow the Google documentation, patch your ASP.net OpenID library to accept Google Apps OpenID that is not really discoverable from the claimed URL.
Install a set of discovery information on the claimed URL (/openid?id=XXXX on your website) to make your Google Apps OpenID behaviors the same way present OpenIDs do.
Either way, after completion user will be able to login to your ASP.net app with following URL:
https://www.google.com/accounts/o8/site-xrds?hd=[yourappsdomain]
My solution to this issue was to use the DotNetOpenAuth library -- I was unaware that the latest version has Google Apps support.
Highly recommend the product -- you can find it here.
I modified one of the example files and was up and running in no time.
Thanks to all who answered!