Required passwordless authentication #6910

krishna created 5 years ago

Hi, We have requirement to implement passwordless authentication (Using UsernameOrEmailAddress) in our project. We have tried but we are facing problem to establish session, So please provide neccessary steps/docs to implement passwordless authentication .

Go to accepted answer

8 Answer(s)

0

alper created 5 years ago
Support Team

see https://aspnetboilerplate.com/Pages/Documents/Zero/User-Management#external-authentication
0

krishna created 5 years ago

Hi alper, Tq for your reply. I have gone through the link, which you have shared, but i think its not related to my requirement. I have a requirement to authenticate a user without password by enter only username, for that in asp.net zero is there any possibility, if yes please share that link.

Tq

alper created 5 years ago

Support Team

AspNet Boilerplate is the framework of AspNet Zero.

public class MyExternalAuthSource : DefaultExternalAuthenticationSource<Tenant, User>,  ITransientDependency
{
    public override string Name
    {
        get { return "MyCustomSource"; }
    }

    public override Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant)
    {
       return true;
    }
}

0

krishna created 5 years ago

Hi alper,

In the below method, do we need to give password mandatory? If yes then its not related to passwordless authentication right?

public override Task<bool> TryAuthenticateAsync(string userNameOrEmailAddress, string plainPassword, Tenant tenant) { return true; }
0

ryancyq created 5 years ago
Support Team

Hi, do you meant SSO for passwordless authentication?

or you are looking remove password validation completely? meaning as long as a person provides any email addrsss, the person will be logged in as the email address given?
0

krishna created 4 years ago

Hi, Yes we are looking for session establishment with only given email address/username by check in database, instead of using both username and password in AspNet Biolerplate to provide passwordless authentication. We are using asp.net core with angular, Is there any way to authenticate user with only emailaddress/username?
0

maliming created 4 years ago
Support Team

@krishna

Although I don't understand why you are doing this, and I think this will have security issues.

However, you can still add the login method of Email+ username in LogInManager. Evaluate email and username based on your needs.

Code refer to: https://github.com/aspnetboilerplate/aspnetboilerplate/blob/e318781f19fbd28cba8a4d9dad51f0d4821acc71/src/Abp.ZeroCore/Authorization/AbpLoginManager.cs#L81
0

krishna created 4 years ago

we are actually trying to interate FIDO2 passwordless login with our ThinC-AUTH Biometric token.

we have got the actual FIDO2 functionality integrated and are able to use it as a 2nd factor device. since we have biometrics on it we are trying to privide passwordless experience similar to

https://www.microsoft.com/en-us/microsoft-365/blog/2018/11/20/sign-in-to-your-microsoft-account-without-a-password-using-windows-hello-or-a-security-key/

thanks for the reference, will try that out.

Have an answer to this question? Log in and write your answer.