ASP.NET MVC Identity - how to change format of generated Token in SMS

Question

Using the two factor authentification in ASP.NET MVC / Identity, I successfully set up the UserManager.SmsService.

By default, ASP.NET Identity generates a 6 digit long verification token which is sent by SMS. However, our requirement is to have a 4 characters long alphanumeric token instead.

The code is generated with this command:

var code = await UserManager.GenerateChangePhoneNumberTokenAsync(User.Identity.GetUserId(), phoneNumber);

Is there a way to define the format of the generated code?

Looking at the source code for ASP.NET identity 2.3 (current RTM), the number of digits is hardcoded (see like 35/36 of https://www.symbolsource.org/MyGet/Metadata/aspnetwebstacknightly/Project/Microsoft.AspNet.Identity.Core/2.3.0-rtm-150806/Release/Default/Microsoft.AspNet.Identity.Core/Microsoft.AspNet.Identity.Core/Rfc6238AuthenticationService.cs). So it't not possible except by overwriting the complete mechanism which might have impact on other features as well. — Stephen Reindl, Jan 09 '16 at 10:09

score 0 · Answer 1 · answered Jan 28 '21 at 13:10

Yes you can. Check this SO answer for details.

Basically you have to create a class inheriting IUserTokenProvider<TUser, TKey> and implement those two methods: GenerateAsync and ValidateAsync.

There you will write the code to generate and validate your six characther token. The same token will be used everywhere inside the ASP.NET Identity without any other code change.

ASP.NET MVC Identity - how to change format of generated Token in SMS

1 Answers1