Save Device upon logging in with 2FA and rememberClient set

stephenh0312 commented 3 years ago

I am currently using CognitoSignInManager.RespondToTwoFactorChallengeAsync to login using 2FA. Despite setting the rememberClient flag to true, the device does not show up as remembered on the corresnponding cognito user's info on the console.

I've confirmed that Cognito's settings are set up correctly such that a user can opt in to remember devices and to suppress the second factor on a remembered device.

Code

        public string TwoFactorCode { get; set; }

        public bool RememberMachine { get; set; }

        public bool RememberMe { get; set; }

        public async Task<IActionResult> OnPostAsync(string returnUrl = null)
        {
            if (ModelState.IsValid)
            {
                var user = await _signInManager.GetTwoFactorAuthenticationUserAsync();
                if (user == null)
                {
                    throw new InvalidOperationException("Unable to load two-factor authentication user.");
                }
                var result = await _signInManager.RespondToTwoFactorChallengeAsync(TwoFactorCode, RememberMe, RememberMachine);
                if (result.Succeeded)
                {
                    returnUrl ??= Url.Content("~/");
                    return LocalRedirect(returnUrl);
                }

                ModelState.AddModelError("TwoFactorCode", "Invalid 2FA code");
            }

            return Page();
        }

ashishdhingra commented 3 years ago

Hi @stephenh0312,

Good afternoon.

Please advise if it would be possible for you to provide complete sample code solution to reproduce this issue.

Thanks, Ashish

github-actions[bot] commented 3 years ago

This issue has not recieved a response in 2 weeks. If you want to keep this issue open, please just leave a comment below and auto-close will be canceled.

aws / aws-aspnet-cognito-identity-provider

Save Device upon logging in with 2FA and rememberClient set #193