Trying to get Identity to work
ok. i am trying to debug my authentication. I am using .NET identity, but slightly tweaked.
I've got my version of
/register which I've changed to always set up 2fa right off the bat
I've got my version of /login which I've changed to always require 2FA
And I've done a few other syntax things
here's the problem:
1) use /register to register a username and an password
2) that gives me a shared key for 2FA.
3) it also sends me a confirmation email.
4) then i confirm my email. this process is janky, its got a bug in it I've not figured out, but i can get it to work.
5) then i use /login. it accepts my username password and generated 6-digit 2FA code and returns a bearer token, a refresh token and an exploration time. (side note, this leads me to believe my changes to /register and /login are valid)
6) i scroll to the top of Swagger and find the little authorize box and add my bearer token in the format bearer CfDJ8AfI-Bjt1FZKmAC<...>pzHKRBIxyuVvIOYZjr3ZywaZjPlI (I've cut down that bearer token for brevity.)
7) the little lock logo closes and i scroll down and fire an endpoint called /MyData which should return user data for the user I've logged as in (email and such) but when I step though this part and inspect ClaimsPrincipal user has isAuthorized == false.
I suspect this has something to do with my configuration of Identity so here's that:
https://gist.github.com/hutonahill/0c1a8a53be7d0a5a76e8e0f06dd299cdGist
Trying to get Identity to work, authentication config
Trying to get Identity to work, authentication config - gist:0c1a8a53be7d0a5a76e8e0f06dd299cd
1 Reply
also, i seem to remember theres a way to embed that gist with the bot... but that might be a differant server
:(