PasswordSignInAsync returning Success instead of RequiresVerification

Question

I'm trying to set up Two Factor Authentication on our app. Updated a user in AspNetUsers table and set it's TwoFactorEnabled value to 1 for testing.

While debugging, signInManager.PasswordSignInAsync return just "success", not "requires verification".

This is the line

signInStatus = await signInManager.PasswordSignInAsync(viewModel.Email, viewModel.Password, true, shouldLockout: false);

(Similar questions are generally answered as first value should be name instead of email but I don't think it's the issue. Login works correctly, for example if password is wrong it returns failure.)

I added the line below to Startup.Auth.cs too

app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(10));

I'm still able to work with what I have like this (though I don't want to)

    if (signInStatus == SignInStatus.Success && user.TwoFactorEnabled == true)
{
//rest of code to be written
}

but this feels too makeshift of a solution and feels prone to many future errors. I'd prefer using Identity but I can't at the moment because of this problem.

It is obvious I'm doing something wrong or missing something but I don't know what. Thanks in advance.

Answer 1

SignInManager return RequiresVerification if :

• dbo.ASpnetUsers has for user set to true TwoFactorEnabled and EmailConfirmed and user email should be confirmed, email not be empty or null.