我正在尝试在MVC 5项目中使用新的ASP.NET身份实现自定义身份验证.
I am trying to implement custom authentication using the new ASP.NET Identity in an MVC 5 project.
我有一个单个用户名和密码,我想用来限制用户可以通过控制器和视图上的[Authorize]标签看到用户的网站页面. (容易)
I have a single username and password that I want to use to restrict which pages of the website the user can see via [Authorize] tags on controllers and views. (Easy)
我正在从FormsAuthentication模型进行迁移,该模型就像将凭据放入web.config一样简单.
I am migrating from a FormsAuthentication model whereby this was as simple as putting the credentials in the web.config.
因为我只有一个用户名和密码,我不想将数据库用作UserStore ,相反,我希望ASP.NET Identity可以从一个用户名和密码中检索用户名和密码. web.config中的自定义配置"部分(不必担心该部分).
Because I only have a single username and password I don't want to use a database as the UserStore, instead I want ASP.NET Identity to retrieve the username and password from a custom configurationsection in the web.config (don't worry about that part).
经过大量搜索,我找不到不依赖数据库进行ASP.NET身份验证的代码示例.
After much search, I can't find a code sample that doesn't rely on a database for ASP.NET Identity authentication.
因此,我正在寻找一个代码示例,以便在身份验证时,用户可以输入自定义代码来检查用户名&密码与web.config的自定义ConfigurationSection中的凭据相对应.
So i'm looking for a code sample that at the point of authentication, the user can put in custom code to check the username & password against the credentials in the custom ConfigurationSection of the web.config.
有人可以向我指出正确的方向吗?
Can someone please point me in the right direction thanks.
更新:我尝试查看此代码示例,但它甚至没有开箱即用地编译. code.msdn.microsoft/Simple-Aspnet-Identiy -Core-7475a961
Update : I've tried looking at this code sample but it doesn't even compile out of the box.. poor. code.msdn.microsoft/Simple-Aspnet-Identiy-Core-7475a961
更新:我不想使用FormsAuthentication的原因是我正在编写将要安装到Web应用程序中的NuGet程序包. NuGet软件包将要做的一件事是在web.config中创建一个自定义ConfigurationSection,其中包括(其中包括)单个用户名和密码.我认为这样做会更安全,因为它不会更改目标Web应用程序中当前存在的任何现有FormsAuthentication设置.
Update : The reason that I don't want to use FormsAuthentication is that I am writing a NuGet package that will be installed into a web application. One of the things the NuGet package will do is create a custom ConfigurationSection in the web.config that includes (among other things) a single username and password. I thought this would be safer as it wouldn't alter any existing FormsAuthentication settings currently in the target web application.
更新:我认为我已经开始使用它了.即将发布调查结果.
Update : I think I have got it working. Will post findings soon.
-李
推荐答案我现在在这里有代码的工作副本 github/leeenglestone/ASP.NET-Identity-Without-a-Database
I now have a working copy of the code here github/leeenglestone/ASP.NET-Identity-Without-a-Database
它很大程度上基于Santosh Poojari已经完成的工作
It is based heavily on the work already done by Santosh Poojari
-李
更多推荐
如何在没有数据库的情况下使用ASP.NET Identity
发布评论