如何在ASP.NET 5 MVC 6(vNext)中定义Identity的密码规则?
ASP.NET 5中提供的默认身份提供程序默认情况下具有非常严格的密码规则,要求使用小写字符,大写字符,非字母数字字符和数字。 我正在寻找一种方法来更改提供者的密码要求。
以前在ASP.NET 4中,可以通过Web.config XML文件configuration提供程序,如以前所回答的那样 。 但是,ASP.NET 5使用新的基于代码的configuration模式,不清楚如何configuration标识。
如何更改我的应用程序的密码要求?
我实际上最终弄清楚了这一点,事实certificate,你需要提供一个合适的lambdaexpression式来配置它提供的IdentityOptions的AddDefaultIdentity。 这在Startup类的ConfigureServices方法内完成,如下所示:
public class Startup { public void ConfigureServices(IServiceCollection services) { // Add Identity services to the services container. services.AddDefaultIdentity<ApplicationIdentityDbContext, ApplicationUser, IdentityRole>(Configuration, o => { o.Password.RequireDigit = false; o.Password.RequireLowercase = false; o.Password.RequireUppercase = false; o.Password.RequireNonLetterOrDigit = false; o.Password.RequiredLength = 7; }); } } 更新2:
以上是beta1版本框架中的情况,在最新的rc1 beta5中,它稍微改变了一下:
services.AddIdentity<ApplicationUser, IdentityRole>(o => { // configure identity options o.Password.RequireDigit = false; o.Password.RequireLowercase = false; o.Password.RequireUppercase = false; o.Password.RequireNonAlphanumeric = false; o.Password.RequiredLength = 6; }) .AddEntityFrameworkStores<ApplicationIdentityDbContext>() .AddDefaultTokenProviders();
在startup.cs中:
services.AddIdentity<ApplicationUser, IdentityRole>(x => { x.Password.RequiredLength = 6; x.Password.RequireUppercase = false; x.Password.RequireLowercase = false; x.Password.RequireNonAlphanumeric = false; }).AddEntityFrameworkStores<ApplicationDbContext>().AddDefaultTokenProviders();
如果您使用Individual User Accounts设置了新的Web项目,请转至:
App_Start -> IdentityConfig.cs
在那里你可以编辑下面的默认值:
manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = true, RequireDigit = true, RequireLowercase = true, RequireUppercase = true, };
我想要做的是自定义密码规则,以便它应该包含至less2个以下组中的字符:小写字母,大写字母,数字和特殊符号 。
这不是我可以通过更改PasswordValidator选项来做的事情:
manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = false, RequireDigit = false, RequireLowercase = false, RequireUppercase = false, };
所以相反,我通过扩展IIdentityValidator创build了一个自定义validation器…
首先,在extensionMethods文件夹中创build一个新文件CustomPasswordValidator.cs:
public class CustomPasswordValidator : IIdentityValidator<string> { public int RequiredLength { get; set; } public CustomPasswordValidator(int length) { RequiredLength = length; } public Task<IdentityResult> ValidateAsync(string item) { if (String.IsNullOrEmpty(item) || item.Length < RequiredLength) { return Task.FromResult(IdentityResult.Failed( String.Format("Password should be at least {0} characters", RequiredLength))); } int counter = 0; List<string> patterns = new List<string>(); patterns.Add(@"[az]"); // lowercase patterns.Add(@"[AZ]"); // uppercase patterns.Add(@"[0-9]"); // digits patterns.Add(@"[!@#$%^&*\(\)_\+\-\={}<>,\.\|""'~`:;\\?\/\[\]]"); // special symbols foreach (string p in patterns) { if (Regex.IsMatch(item, p)) { counter++; } } if (counter < 2) { return Task.FromResult(IdentityResult.Failed( "Please use characters from at least two of these groups: lowercase, uppercase, digit, secial")); } return Task.FromResult(IdentityResult.Success); } }
然后转到IdentityConfig.cs,并在Create方法中初始化它:
manager.PasswordValidator = new CustomPasswordValidator(6); /* // You don't need this anymore manager.PasswordValidator = new PasswordValidator { RequiredLength = 6, RequireNonLetterOrDigit = true, RequireDigit = true, RequireLowercase = true, RequireUppercase = true, }; */
