Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at

  • Cornelis 12 posts 113 karma points
    Jul 29, 2020 @ 14:49

    How do I get user info during login, after the actual login but before calling SetAuthenticationSuccessful

    I am implementing 2FA for users in Umbraco 8 backoffice and I have the most of it working. But I got stuck at a point where I need user data but I cannot figure out how to get it.

    I need to know which user is logging in after he/she/it has entered the credentials and lands on the 2FA custom login page but before submitting a code on that page.

    The additional login 2FA page is shown via

    public string GetTwoFactorView(IOwinContext owinContext, UmbracoContext umbracoContext, string username) =>

    This template has an angularjs controller:

    <div ng-controller="mfaLoginController" class="umb-login-container">

    and in the controller I got access to the services:


    Unfortunately, both services doesn't seem to have the user data yet I need. It seems the user data is available after calling executing the verify2FACode:

            authResource.verify2FACode(providerName, quoted($scope.code)).then(
                data => {
                    //Normally, this should be $scope.submit(true); 
                    //But this isn't working in umbraco 8, probably a bug?.
                    //For more info, check
                () => $scope.pinCodeMessage = pinCodInvalidMessage

    The data in setAuthenticationSuccessful(data) seems to have the user info so this info is too late.

    Is there another service I could inject that actually got the information I need?

    Also, I need this information for some API calls I want to make. I figured out that a cookie is set after the login step 1, named


    And I can read the content of the cookie of course with

    var mfaCookie = Request.Headers.GetCookies(".AspNet.UmbracoTwoFactorCookie").FirstOrDefault()
                    .Cookies.FirstOrDefault(cookie => cookie.Name == ".AspNet.UmbracoTwoFactorCookie").Value;

    But this contains an encrypted OWIN string and I haven't succeeded yet in decrypting the string. Many decryptors I found uses the MachineKey decrypting but when I try to use those, it always ends up in the error:

    Error occurred during a cryptographic operation.

    Even when I put a machinekey in my web.config, I still get this error.

    Is there a way to get the user data (even when login is not successful yet because the user needs to enter a PIN-code) in the backend instead of retrieving it in the frontend perhaps?

    PS: I also opened a topic on stackoverflow as I am that eager to solve this issue.

  • Cornelis 12 posts 113 karma points
    Jul 30, 2020 @ 15:00

    I figured it out. By coincidence, while investigating a possible different solution for the problem I have, I stumbled on the AuthenticatorController of Umbraco (hooray for open source) and I saw this piece of code:

    private BackOfficeSignInManager _signInManager;
    private BackOfficeSignInManager SignInManager => _signInManager ?? (_signInManager = TryGetOwinContext().Result.GetBackOfficeSignInManager());

    Fortunately, I am able to use this code too in my controller and this line of code gave me what I need.

    var userId = await SignInManager.GetVerifiedUserIdAsync();
  • Simon Dingley 1441 posts 3368 karma points c-trib
    Jul 22, 2021 @ 10:48
    Simon Dingley

    Thanks for sharing this it has been really helpful in getting over a hurdle I was stuck on like you.

    In your API controller were you inheriting from UmbracoAuthorizedApiController or UmbracoApiController? My current problem is that I am using UmbracoAuthorizedApiController but understandably I get a 401 unauthorised error. I could make the verification endpoint public to get around this but it's not sitting right with me and I'm thinking I may need to come up with my authorisation attribute that makes use of the SignInManager in your example to at least check for the presence of the user id first.

  • Jason 3 posts 73 karma points
    Sep 29, 2021 @ 16:50

    Can you please guide me through what steps you took to create the the 2FA ?

  • Cornelis 12 posts 113 karma points
    Sep 30, 2021 @ 07:13

    Most of the 2FA steps in my process I got from this article:

    end the follow up part 2:

    If there is anything specifically unclear for you then feel free to ask a more detailed question with code examples or errors and perhaps I can help you out.

  • Jason 3 posts 73 karma points
    Sep 30, 2021 @ 17:38

    Thanks for getting back to me. I am trying this on Umbraco 9. I am following some of the code snippets from your question and articles you sent me but I see that OWIN does not exist anymore in .NET 5 and I am trying to figure out how to trigger and display custom view after signon.

  • Cornelis 12 posts 113 karma points
    Oct 01, 2021 @ 07:15

    ah y I haven't tried to build the 2FA in Umbraco 9 yet so currently I cannot help you with that.

Please Sign in or register to post replies

Write your reply to: