ASP.NET身份密码要求重写我自己的
本文关键字:重写 我自己 自己的 NET 身份 密码 ASP | 更新日期: 2023-09-27 18:08:29
所以我需要导入一堆用户到我的ASP。系统基于。NET身份,有些密码很短(只有三个字符),超出了我的控制范围。我需要导入这些密码,以便现有用户可以登录和更改密码,以满足更严格的要求。
我认为通过在我的ApplicationUserManager类中配置PasswordValidator属性,我可以将导入密码的要求设置为一个较低的数字,从而允许我导入现有的用户。
// Configure validation logic for passwords
appUserManager.PasswordValidator = new PasswordValidator
{
RequiredLength = 3,
RequireNonLetterOrDigit = false,
RequireDigit = false,
RequireLowercase = false,
RequireUppercase = false,
};
然而,当我导入用户并尝试创建新记录时,我在IdentityResult中得到验证错误。
IdentityResult result = manager.Create(newUser, importedUser.Password);
result.Errors = "Passwords must be at least 6 characters."
不可能覆盖标识默认需求吗?
这里是整个ApplicationUserManager类的参考:
public class ApplicationUserManager : UserManager<ApplicationUser>
{
public ApplicationUserManager(IUserStore<ApplicationUser> store)
: base(store)
{
PasswordValidator = new MinimumLengthValidator(3);
}
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
var appDbContext = context.Get<ApplicationDbContext>();
var appUserManager = new ApplicationUserManager(new UserStore<ApplicationUser>(appDbContext));
// Configure validation logic for usernames
appUserManager.UserValidator = new UserValidator<ApplicationUser>(appUserManager)
{
AllowOnlyAlphanumericUserNames = true,
RequireUniqueEmail = false
};
// Configure validation logic for passwords
appUserManager.PasswordValidator = new PasswordValidator
{
RequiredLength = 3,
RequireNonLetterOrDigit = false,
RequireDigit = false,
RequireLowercase = false,
RequireUppercase = false,
};
appUserManager.EmailService = new Services.EmailService();
var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
{
appUserManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"))
{
//Code for email confirmation and reset password life time
TokenLifespan = TimeSpan.FromHours(6)
};
}
return appUserManager;
}
}
我找到问题了。上面列出的ApplicationUserManager类是从API控制器调用的。然而,我试图将用户导入到API之外的数据库中。我需要做的是将密码验证覆盖放在导入用户的方法中。特别是在我实例化manager的地方。下面是一个例子:
foreach (var user in UserList)
{
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext()));
manager.PasswordValidator = new MinimumLengthValidator(3);
var roleManager = new RoleManager<IdentityRole>(new RoleStore<IdentityRole>(new ApplicationDbContext()));
var newUser = new ApplicationUser()
{
UserName = user.UserName,
UserId = user.UserId,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
};
// Assign the password
IdentityResult result = manager.Create(newUser, user.Password);
// Assign the role
var addedUser = manager.FindByName(user.UserName);
manager.AddToRoles(addedUser.Id, new string[] { "User" });
}
注意manager.PasswordValidator = new MinimumLengthValidator(3);行。这里是我定义密码覆盖的地方。以前,我将密码覆盖放在ApplicationUserManager类中,认为它将覆盖manager创建的所有实例。解决方案是在使用ApplicationUserManager类的地方定义密码覆盖。对于自己的回答,我很抱歉,但我想写下解决方案,以防其他人遇到同样的问题。
检查你的网页。