Sitefinity Custom 2FA Authentication

Idea in general:

1/ Create a new user in Sitefinity.
2/ The user receives a QR code and sets it up in an authenticator app.
3/ The user logs in with username and password -> is prompted for the 2FA code.
4/ Login successful!
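
The check behind step 3, as an added example that is not taken from the linked repository. It assumes the AuthCode profile field holds the user's Base32 shared secret and that the authenticator app uses the common defaults (HMAC-SHA1, 6 digits, 30-second step); the class and method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
// Added example (not the linked repo's code); assumes AuthCode holds the Base32 TOTP secret.
public static class TotpCheck
{
    // Decode an RFC 4648 Base32 string; spaces and '=' padding are ignored.
    public static byte[] Base32Decode(string s)
    {
        s = s.Replace(" ", "").TrimEnd('=').ToUpperInvariant();
        var output = new byte[s.Length * 5 / 8];
        int buffer = 0, bits = 0, index = 0;
        foreach (char c in s)
        {
            int v = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567".IndexOf(c);
            if (v < 0) throw new FormatException("Invalid Base32 character.");
            buffer = ((buffer << 5) | v) & 0xFFF;   // keep at most 12 pending bits
            bits += 5;
            if (bits >= 8) { bits -= 8; output[index++] = (byte)((buffer >> bits) & 0xFF); }
        }
        return output;
    }
    // RFC 4226 HOTP value for one 30-second step: HMAC-SHA1, 6 digits.
    public static string CodeAt(byte[] key, long step)
    {
        byte[] counter = BitConverter.GetBytes(step);
        if (BitConverter.IsLittleEndian) Array.Reverse(counter);   // big-endian counter
        byte[] h;
        using (var hmac = new HMACSHA1(key)) h = hmac.ComputeHash(counter);
        int o = h[h.Length - 1] & 0x0F;                            // dynamic truncation
        int bin = ((h[o] & 0x7F) << 24) | (h[o + 1] << 16) | (h[o + 2] << 8) | h[o + 3];
        return (bin % 1000000).ToString("D6");
    }
    // Accept the current step and one either side to tolerate clock drift.
    public static bool Verify(string base32Secret, string submitted, DateTimeOffset now)
    {
        if (submitted == null || submitted.Length != 6) return false;
        byte[] key = Base32Decode(base32Secret);
        long step = now.ToUnixTimeSeconds() / 30;
        bool ok = false;
        for (long s = step - 1; s <= step + 1; s++)
        {
            string expected = CodeAt(key, s);
            int diff = 0;
            for (int i = 0; i < 6; i++) diff |= expected[i] ^ submitted[i];
            ok |= diff == 0;   // no early exit, so timing does not reveal a match
        }
        return ok;
    }
}
```

Call `TotpCheck.Verify(secret, code, DateTimeOffset.UtcNow)` only after the password check has succeeded. Record the last accepted time step per user and limit failed attempts so a code cannot be replayed or guessed.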


Sample Code:

hawjeh/Sitefinity2fa (github.com)


Steps:

1/ Go to /Sitefinity/Administration/ProfileTypes -> Basic Profile
Add a custom field, AuthCode (ShortText), to the user profile.

2/ Create a new user, wait for the email, and set up the authenticator app on your mobile device.

3/ Go to /Sitefinity/Administration/Settings/Advanced
a/ Authentication -> Authentication protocol -> set to SimpleWebToken
b/ Security -> RelyingParties -> Add a new record and set realm="<host>"; the key can be exactly the same as the default localhost key.
c/ Security -> SecurityTokenIssuers -> Add a new record and set realm="<host>"; the key can be exactly the same as the default localhost key.

4/ Update wsFederation in web.config. The sample below uses plain HTTP URLs, which is why requireHttps and requireSsl are set to false:

  <system.identityModel.services>
    <federationConfiguration>
      <wsFederation passiveRedirectEnabled="true" issuer="http://<host>/wsauth/authenticate/swt" realm="http://<host>" requireHttps="false" />
      <cookieHandler requireSsl="false" />
    </federationConfiguration>
  </system.identityModel.services>

5/ Restart Sitefinity.

6/ Go to /Sitefinity; it will route you to the sample login screen.


Further enhancements:

1/ Make fields configurable, such as:
– custom field name
– email template
2/ Make it work in all Sitefinity versions (currently tested in v12.2)


References:

https://github.com/timw255/timw255.Sitefinity.TwoFactorAuthentication
https://github.com/rickbassham/two-factor
https://www.codeproject.com/Articles/403355/Implementing-Two-Factor-Authentication-in-ASP-NET

3 thoughts on “Sitefinity Custom 2FA Authentication”

    1. Hi Gihan,

      I believe it is working for v13.x onwards as long as we specify the Authentication protocol and security settings properly.
      It is a shame that I have not had a chance to work on v13.x yet. I will update further if I come across v13.x.

      Thanks!

      1. I already tried, but after authenticating, instead of the dashboard, it redirects me back to the login page.