Hi @ismcagdas,
ASP.NET Zero API: v13.3.0 | Client: v13.3.0
Goal: Add an option to remember browser for Operators with MFA enabled. When selected, Operators can choose to remember browser, which will skip MFA prompts for future logins from the same browser.”
We enabled 2FA settings on settings page and also for specific user. 2FA works.
We also added an option "Allow to remember browser" on settings page [Administration > Settings > Security (tab)]. See the screenshot below.
We checked the setting is updated in TenantSettingsAppService.cs, settings.IsRememberBrowserEnabled = true, but users are still prompted for additional authentication (two-factor authentication) on a "remembered" browser.
Did I miss something? How the "remember browser" functionality is being implemented? Does the "Remember this browser" functionality relies on a cookie being set in the user's browser when they select the option to remember the device. I couldn't find such a cookie in the browser.
Do we need to check the host settings (HostSettingsAppService) do not force 2FA?
Thank you for your support.
1 Answer(s)
-
0
Hi @hongbing.wang,
An error may have occurred in the implementation here. We will fix this in the next version
https://github.com/aspnetzero/aspnet-zero-core/issues/5430
