问题
We are using 2FA with ASP.Net Identity 2 via email. This works fine most of the time but in some cases there are delays with the security code getting through to users email, the 6-minute window for the security code then becomes too short.
Is there a way of adjusting this time window for the 2FA code?
回答1:
I think you have to change the validity-timespan in the UserTokenProvider.
Try the following in your UserManager<TApplicationUser> implementation:
public static ApplicationUserManager Create(
IdentityFactoryOptions<ApplicationUserManager> options,
IOwinContext context)
{
/* ...create the user store... */
var manager = new ApplicationUserManager(userStore);
/* ...all the other config stuff... */
var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
{
var tokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
// here's what you're looking for:
tokenProvider.TokenLifespan = TimeSpan.FromMinutes(10);
manager.UserTokenProvider = tokenProvider;
}
return manager;
}
来源:https://stackoverflow.com/questions/28087302/asp-net-identity-2-two-factor-security-code-timespan