I am new to using two-factor authentication and have problems. An error is raised after clicking the SMS code verify button. I am registering and then entering the SMS code, and the error is:
The provided anti-forgery token was meant for a different claims-based user than the current user.
I am using
Microsoft.AspNet.Identity.Core v2.2.2
Microsoft.AspNet.Identity.Owin v2.2.2
I am trying to use SMS authentication for every login. In my controller, the order of methods is like this:
For register:
    await UserManager.CheckUserDuplicate(user);
    await UserManager.CreateAsync(user, model.Password);
    await UserManager.AddToRoleAsync(user.Id, FrSettings.Settings.DefaultRole);
    await UserManager.SetTwoFactorEnabledAsync(user.Id, true);
    string code = await UserManager.GenerateChangePhoneNumberTokenAsync(user.Id, user.CepNo);
    var message = new IdentityMessage
    {
        Destination = user.CepNo,
        Body = SystemMessage.SmsMessage + code
    };
    SignInStatus resultSignIn = await SignInManager.PasswordSignInAsync(user.UserName, model.Password, false, false);
    switch (resultSignIn)
    {
        case SignInStatus.Success:
            await UserManager.SmsService.SendAsync(message);
            break;
        case SignInStatus.LockedOut:
            break;
        case SignInStatus.RequiresVerification:
            await UserManager.SmsService.SendAsync(message);
            break;
        case SignInStatus.Failure:
            break;
        default:
            throw new ArgumentOutOfRangeException();
    }
And for login:
    await UserManager.ChangePhoneNumberAsync(User.Identity.GetUserId(), User.Name(), model.SmsCode);
My login is not finished, but my first method is this. Please do not hesitate to make suggestions about doing login correctly and securely.
If you need more info about the project, I can update!
UPDATE INFO 1:
After login or register I am not using a redirect. I am using AJAX in one page for all account actions.