'Google authenticator authenticates with username
I'm trying to create a two factor authentication using GoogleAuthenticator library (version 2.4.0).
I am creating a setup code like this:
TwoFactorAuthenticator tfa = new TwoFactorAuthenticator();
model.UserUniqueKey = GenerateRandomString();
var setupInfo = tfa.GenerateSetupCode("ProductName", model.Username, model.UserUniqueKey, true);
Where UserUniqueKey is a random generated upper case string with length 10 characters.
I am verifying the verification code like this:
tfa.ValidateTwoFactorPIN(model.UserUniqueKey, model.VerificationCode, true);
The bool argument is to set the secret to be base32 encoded.
However no matter of the UserUniqueKey value, it's length, or whether base32 is used or not the validation is always not successful.
But if I set first parameter of the ValidateTwoFactorPIN method to model.Username like this:
tfa.ValidateTwoFactorPIN(model.Username, model.VerificationCode, true);
Then the authentication is successful. Why is this happening ? Any help and suggestions would be appreciated.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|