Class UmbTwoFactorLoginController
Surface controller that handles two-factor authentication flows for members, including provider listing, code verification, and setup/disable operations.
Namespace: Umbraco.Cms.Web.Website.Controllers
Assembly: Umbraco.Web.Website.dll
Syntax
[UmbracoMemberAuthorize]
public class UmbTwoFactorLoginController : SurfaceController, IDiscoverableConstructors
View SourceUmbTwoFactorLoginController(ILogger<UmbTwoFactorLoginController>, IUmbracoContextAccessor, IUmbracoDatabaseFactory, ServiceContext, AppCaches, IProfilingLogger, IPublishedUrlProvider, IMemberSignInManager, IMemberManager, ITwoFactorLoginService)
Initializes a new instance of the UmbTwoFactorLoginController class.
Declaration
public UmbTwoFactorLoginController(ILogger<UmbTwoFactorLoginController> logger, IUmbracoContextAccessor umbracoContextAccessor, IUmbracoDatabaseFactory databaseFactory, ServiceContext services, AppCaches appCaches, IProfilingLogger profilingLogger, IPublishedUrlProvider publishedUrlProvider, IMemberSignInManager memberSignInManager, IMemberManager memberManager, ITwoFactorLoginService twoFactorLoginService)Parameters
| Type | Name | Description |
|---|---|---|
| ILogger<UmbTwoFactorLoginController> | logger | |
| IUmbracoContextAccessor | umbracoContextAccessor | |
| IUmbracoDatabaseFactory | databaseFactory | |
| ServiceContext | services | |
| AppCaches | appCaches | |
| IProfilingLogger | profilingLogger | |
| IPublishedUrlProvider | publishedUrlProvider | |
| IMemberSignInManager | memberSignInManager | |
| IMemberManager | memberManager | |
| ITwoFactorLoginService | twoFactorLoginService |
Methods
View SourceDisable(string, string?)
Disables a two-factor provider for the currently authenticated member.
Declaration
[HttpPost]
public Task<IActionResult> Disable(string providerName, string? returnUrl = null)Parameters
| Type | Name | Description |
|---|---|---|
| string | providerName | The name of the two-factor provider to disable. |
| string | returnUrl | Optional URL to redirect to on success. |
Returns
| Type | Description |
|---|---|
| Task<IActionResult> | A redirect to the return URL on success; otherwise the current page. |
Get2FAProviders()
Retrieves the list of two-factor provider names valid for the member currently in the 2FA flow.
Declaration
[AllowAnonymous]
public Task<ActionResult<IEnumerable<string>>> Get2FAProviders()Returns
| Type | Description |
|---|---|
| Task<ActionResult<IEnumerable<string>>> | An Microsoft.AspNetCore.Mvc.ObjectResult containing the list of enabled provider names, or Microsoft.AspNetCore.Mvc.NotFoundResult when no member is in the 2FA flow. |
ValidateAndSaveSetup(string, string, string, string?)
Validates a two-factor setup code and, on success, persists the two-factor login for the currently authenticated member.
Declaration
[HttpPost]
public Task<IActionResult> ValidateAndSaveSetup(string providerName, string secret, string code, string? returnUrl = null)Parameters
| Type | Name | Description |
|---|---|---|
| string | providerName | The name of the two-factor provider being configured. |
| string | secret | The shared secret generated during setup. |
| string | code | The code the member has entered to verify the setup. |
| string | returnUrl | Optional URL to redirect to on success. |
Returns
| Type | Description |
|---|---|
| Task<IActionResult> | A redirect to the return URL on success; otherwise the current page with a validation error added to ModelState. |
Verify2FACode(Verify2FACodeModel, string?)
Verifies a two-factor authentication code for the member currently in the 2FA flow.
Declaration
[AllowAnonymous]
public Task<IActionResult> Verify2FACode(Verify2FACodeModel model, string? returnUrl = null)Parameters
| Type | Name | Description |
|---|---|---|
| Verify2FACodeModel | model | The submitted two-factor code and provider details. |
| string | returnUrl | Optional URL to redirect to on successful verification. |
Returns
| Type | Description |
|---|---|
| Task<IActionResult> | A redirect to the return URL on success; Microsoft.AspNetCore.Mvc.NotFoundResult when no member is in the 2FA flow; otherwise the current page with validation errors added to ModelState. |