Developer forum

Logon and Logoff are very different in Dynamicweb 9 and Dynamicweb 10 as the latter utilizes Microsoft.AspNetCore.Authentication from asp.net core.

So you cannot do what you try as it belongs to the DW9 world.

I can see you do a logiin notification subscriber and as part of that also do the logoff. That is probably not going to work.

You can logoff the user like this using Microsoft.AspNetCore.Authentication and Microsoft.AspNetCore.Http namespaces:

var context = HttpContextAccessor.HttpContext;
if (context is null)
    throw new InvalidOperationException($"{nameof(HttpContextAccessor.HttpContext)} is null");
await context.SignOutAsync("Dynamicweb.Extranet");

That requires that you are in the context of asp.net and can get hold of a HttpContextAccessor instance - that would be in some middleware - and your notification subscriber is probably not in that context.

Instead you might be able to redirect the user to /Admin/Public/ExtranetLogoff.aspx after you have done what you do - and that would logoff the user.

You can also explain what you are trying to do - there is probably another way.

Hi Nicolai,

We are trying to setup 2FA for the frontend. As this is not currently available in DW we have to find some workarounds. In DW9 we had it working so that we capture a successful user login and then log them out again and send the 2FA code to confirm the login. This was not ideal, but it worked quite well without too many changes.

We will need to customise the login screen a bit more for DW10 to handle these changes.

Regards,

Jon.

In DW9 if you create External Login provider you can handle 2FA easily

but DW10 External Login providers not support yet

Hi Shiwanka,

Yes, that is true. But we don't want to use an external login provider and we already have a good solution in DW9. Too bad we have to start again with DW10.

Looks like I will have to develop something custom with the DW API to handle this.

Regards,

Jon.