Monday, May 29, 2017
 

ASP.NET MVC Web Application with Two-Factor Authentication

This tutorial explains step by step how you can add two-factor authentication via SMS with the ASPSMS gateway to your ASP.NET MVC project. The sample uses Visual C # and requires a minimum of Visual Studio 2013.

  1. New ASP.NET-Project
  2. Add Service Reference: ASPSMS SOAP Web Service
  3. Make ASPSMS credentials available in Web.config
  4. Configure ASP.NET Identity SmsService
  5. Update code of Manage View
  6. Add a mobile phone number
  7. Enable Two-Factor Authentication
  8. Try to login
  1. New ASP.NET-Project

    New ASP.NET-Project

    In Visual Studio 2013, create a new Visual C# ASP.NET Web application. Select the template MVC and make sure that the authentication is set to "Individual user accounts".



  2. Add Service Reference: ASPSMS SOAP Web Service

    Add Service Reference: ASPSMS SOAP Web Service

    Copy/Paste Web Service Address and Namespace and add the Service Reference to your project.

    Address (copy/paste)


    Namespace (copy/paste)


    Add Service Reference: ASPSMS SOAP Web Service



  3. Make ASPSMS credentials available in Web.config
    <appSettings>
        <add key="webpages:Version" value="3.0.0.0" />
        <add key="webpages:Enabled" value="false" />
        <add key="ClientValidationEnabled" value="true" />
        <add key="UnobtrusiveJavaScriptEnabled" value="true" />
        <add key="ASPSMSUSERKEY" value="MYUSERKEY" />
        <add key="ASPSMSPASSWORD" value="MYPASSWORD" />
        <add key="ASPSMSORIGINATOR" value="+41790000000" />
    </appSettings>

    Make the ASPSMS credentials available to your project by adding the following lines of code to the Web.config:

    (copy/paste)


    Replace the placeholders <USERKEY> and <PASSWORD> with userkey and password of your ASPSMS account.



  4. Configure ASP.NET Identity SmsService
    public class SmsService : IIdentityMessageService
    {
        public Task SendAsync(IdentityMessage message)
        {
            // Plug in your SMS service here to send a text message.
            var soapSms = new WebApplication2.ASPSMSX2.ASPSMSX2SoapClient("ASPSMSX2Soap");
            soapSms.SendSimpleTextSMS(
                System.Configuration.ConfigurationManager.AppSettings["ASPSMSUSERKEY"],
                System.Configuration.ConfigurationManager.AppSettings["ASPSMSPASSWORD"],
                message.Destination,
                System.Configuration.ConfigurationManager.AppSettings["ASPSMSORIGINATOR"],
                message.Body);
            soapSms.Close();
            return Task.FromResult(0);
        }
    }

    Insert the code to call the ASPSMS SOAP Web Service into the SmsService class in the file App_Start\IdentityConfig.cs:

    (copy/paste)



  5. Update code of Manage View
    @model WebApplication2.Models.IndexViewModel
    @{
        ViewBag.Title = "Manage";
    }
    
    <h2>@ViewBag.Title.</h2>
    
    <p class="text-success">@ViewBag.StatusMessage</p>
    <div>
        <h4>Change your account settings</h4>
        <hr />
        <dl class="dl-horizontal">
            <dt>Password:</dt>
            <dd>
                [
                @if (Model.HasPassword)
                {
                    @Html.ActionLink("Change your password", "ChangePassword")
                }
                else
                {
                    @Html.ActionLink("Create", "SetPassword")
                }
                ]
            </dd>
            <dt>External Logins:</dt>
            <dd>
                @Model.Logins.Count [
                @Html.ActionLink("Manage", "ManageLogins") ]
            </dd>
            @*
                Phone Numbers can used as a second factor of verification in a two-factor authentication system.
    
                 See <a href="http://go.microsoft.com/fwlink/?LinkId=403804">this article</a>
                    for details on setting up this ASP.NET application to support two-factor authentication using SMS.
    
                 Uncomment the following block after you have set up two-factor authentication
            *@
            <dt>Phone Number:</dt>
            <dd>
                @(Model.PhoneNumber ?? "None") [
                @if (Model.PhoneNumber != null)
                {
                    @Html.ActionLink("Change", "AddPhoneNumber")
                    @:  | 
                    @Html.ActionLink("Remove", "RemovePhoneNumber")
                }
                else
                {
                    @Html.ActionLink("Add", "AddPhoneNumber")
                }
                ]
            </dd>
            <dt>Two-Factor Authentication:</dt>
            <dd>
                @if (Model.TwoFactor)
                    {
                        using (Html.BeginForm("DisableTwoFactorAuthentication", "Manage", FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
                        {
                            @Html.AntiForgeryToken()
                            <text>Enabled
                            <input type="submit" value="Disable" class="btn btn-link" />
                            </text>
                        }
                    }
                    else
                    {
                        using (Html.BeginForm("EnableTwoFactorAuthentication", "Manage", FormMethod.Post, new { @class = "form-horizontal", role = "form" }))
                        {
                            @Html.AntiForgeryToken()
                            <text>Disabled
                            <input type="submit" value="Enable" class="btn btn-link" />
                            </text>
                        }
                    }
            </dd>
        </dl>
    </div>

    The needed code can either be activated by removing the Razor comment delimiters @* and *@

    Or you can simply copy the code below and replace the appropriate section in the file Views\Manage\Index.cshtml:

    (copy/paste)



  6. Add a mobile phone number

    Manage

    Start your project and create a new account. A mouse click on the selected account email address will take you to the Management page. [Add] your phone number.

    Add a Phone number

    Add your mobile phone number. ASP.NET Identity sends a verification code to that number.

    Enter verification code

    Enter the verification code received.



  7. Enable Two-Factor Authentication

    Enable Two-Factor Authentication

    Enable two-factor authentication.



  8. Try to login

    Überprüfungscode senden

    Log off and log on again. You will be prompted to let Send the verification code as a phone code.

    Überprüfungscode eingeben

    Enter the code which has been sent to your mobile phone and decide whether to "remember this browser" or if your application requires a Two-factor authentication regardless of the used browser.


    You got it? Happy Coding :-)


New User Registration

Click here for the ASPSMS new user registration.
Have you already registered? Log in with your user e-mail address and password.

Username 
Password 
Forgot Login Password?   


Available SMS tools and interfaces for ASPSMS

Factsheets
Purpose and business examplesPDF
SMS tools for End Users
NamePricing
NEW:Microsoft Office Outlook 2013-2016: Email to SMSfree
Microsoft Office Outlook 2010 Mobile Servicefree
Microsoft Office Outlook 2007 Mobile Servicefree
SMSBLASTER web editionfree
SMS Blaster Windows Editionfree
SMS touch for iPhone and iPod touchShareware
ECO-SMS - Ökologische SMS!Shareware
Cybersystems mscrmSMSsee price list for details
Jabber-Client Chatopus for Palm OSsmall one-time payment
delight Software GmbHsee price list for details
ASPSMS Widget for Macfree
SMS scripts and interfaces for developers
NamePricing
NEW: ASPSMS Dot Net Assembly on NuGet free
ASPSMS JSON API (REST) free
C# Microsoft ASP.NET Identity MVC (for SOAP)free
Node.js interface for ASPSMSfree
PHP Class for ASPSMS SOAP web servicefree
aspsms.dll (Active-X)free
SOAP Web Servicefree
XML-Interfacefree
ASPSMS SMTP Interfacefree
VBscript Class (ASP)free
HTTPfree
PHP - Python - C# - Javafree
Jabber to SMS for Server Adminsfree (open source)
SMS Blaster Visual Basic Source Codefree
ASPTOKENfree
Network coverage
Supported networks around the world
VADIAN.NET AG
Katharinengasse 10
CH - 9004 St.Gallen
 
Phone: +41 71 246 56 56
Fax: +41 71 246 56 57
E-Mail: keyaccounts@aspsms.com
 
Founded: 1995
Company Number: CH-170.3.020.905-6
VAT-Number: CHE-102.692.722 MWST

Swiss Quality

OFCOM registered Telecommunications Service Provider (254900005).

ASPSMS is a product of VADIAN.NET AG (founded in 1995), a Swiss based Internet and Mobile Solutions pioneer. Thus, all data collected from you are automatically subject ofthe strict privacy policies of Switzerland. ASPSMS is Swiss technology that is fully developed in Switzerland. The support team also works in Switzerland. VADIAN.NET AG is today one of the leading global providers of SMS solutions with more than 200’000 satisfied business clients. The product ASPSMS was launched in 2001.

Copyright 1995 - 2017 by VADIAN.NET AG