Closed HaoK closed 5 years ago
I tried out the code via scaffolding the fix into a 2.1 app and it seems fine:
This broke a bunch of functional tests so we actually do have coverage, the tests now have some minimal coverage for enabling 2fa behavior with and without cookie consent now.
@Eilon @blowdart @ajcvickers
What happens if the dev removed all the consent code?
They would need to remove this as well I assume? Or does CanTrack cover that case?
I don't know, that's what I'm asking. I would have hoped the check defaulted to true if there was no consent feature, but ...
Are you telling me CanTrack returns false by default? @Tratcher any insight into the behavior?
Updated to assume if no consent feature is there, that means we are good to go (and to allow 2fa)
Fix for https://github.com/aspnet/Identity/issues/2034