[Archived] ASP.NET Core Identity is the membership system for building ASP.NET Core web applications, including membership, login, and user data. Project moved to https://github.com/aspnet/AspNetCore
Apache License 2.0
1.97k
stars
871
forks
source link
Block enabling 2fa if cookie policy not accepted #2034
Not accepting the cookie policy prevents temp cookies from being used which interrupts 2fa flows like displaying recovery codes (which is an issue during registration).
The fix for 2.2 is to block the ability to enable 2fa when cookie consent is not given.
Not accepting the cookie policy prevents temp cookies from being used which interrupts 2fa flows like displaying recovery codes (which is an issue during registration).
The fix for 2.2 is to block the ability to enable 2fa when cookie consent is not given.