如何覆盖ASP.NET Core Identity的密码策略

本文介绍了如何覆盖ASP.NET Core Identity的密码策略的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

默认情况下，ASP.NET Core Identity的密码策略至少需要一个特殊字符，一个大写字母，一个数字，...

By default, ASP.NET Core Identity's password policy require at least one special character, one uppercase letter, one number, ...

如何更改此限制?

文档中没有关于此的任何内容( docs .asp/en/latest/security/authentication/identity.html )

There is nothing about that in the documentation (docs.asp/en/latest/security/authentication/identity.html)

我尝试覆盖身份的用户管理器，但看不到哪种方法管理密码策略.

I try to override the Identity's User Manager but I don't see which method manages the password policy.

public class ApplicationUserManager : UserManager<ApplicationUser> { public ApplicationUserManager( DbContextOptions<SecurityDbContext> options, IServiceProvider services, IHttpContextAccessor contextAccessor, ILogger<UserManager<ApplicationUser>> logger) : base( new UserStore<ApplicationUser>(new SecurityDbContext(contextAccessor)), new CustomOptions(), new PasswordHasher<ApplicationUser>(), new UserValidator<ApplicationUser>[] { new UserValidator<ApplicationUser>() }, new PasswordValidator[] { new PasswordValidator() }, new UpperInvariantLookupNormalizer(), new IdentityErrorDescriber(), services, logger // , contextAccessor ) { } public class PasswordValidator : IPasswordValidator<ApplicationUser> { public Task<IdentityResult> ValidateAsync(UserManager<ApplicationUser> manager, ApplicationUser user, string password) { return Task.Run(() => { if (password.Length >= 4) return IdentityResult.Success; else { return IdentityResult.Failed(new IdentityError { Code = "SHORTPASSWORD", Description = "Password too short" }); } }); } } public class CustomOptions : IOptions<IdentityOptions> { public IdentityOptions Value { get; private set; } public CustomOptions() { Value = new IdentityOptions { ClaimsIdentity = new ClaimsIdentityOptions(), Cookies = new IdentityCookieOptions(), Lockout = new LockoutOptions(), Password = null, User = new UserOptions(), SignIn = new SignInOptions(), Tokens = new TokenOptions() }; } } }

我在启动类中添加了此用户管理器依赖项:

I add this user manager dependency in startup's class :

services.AddScoped<ApplicationUserManager>();

但是当我在控制器中使用ApplicationUserManager时，出现错误: 处理请求时发生未处理的异常.

But when I'm using ApplicationUserManager in controllers, I have the error : An unhandled exception occurred while processing the request.

InvalidOperationException:尝试激活"ApplicationUserManager"时，无法解析类型为"Microsoft.EntityFrameworkCore.DbContextOptions`1 [SecurityDbContext]"的服务.

编辑:当我使用ASP.NET Core Identity的默认类时，用户的管理起作用，因此这不是数据库问题或类似问题

User's management works when I use the ASP.NET Core Identity's default classes, so it's not a database problem, or something like this

我找到了解决方案，您只需在启动类中配置Identity.我的答案提供了一些细节.

推荐答案

最后很简单...

无需重写任何类，只需在启动类中配置标识设置，如下所示:

No need to override any class, you have just to configure the identity settings in your startup class, like this :

services.Configure<IdentityOptions>(options => { options.Password.RequireDigit = false; options.Password.RequiredLength = 5; options.Password.RequireLowercase = true; options.Password.RequireNonLetterOrDigit = true; options.Password.RequireUppercase = false; });

或者您可以在添加身份时配置身份:

Or you can configure identity when you add it :

services.AddIdentity<ApplicationUser, IdentityRole>(options=> { options.Password.RequireDigit = false; options.Password.RequiredLength = 4; options.Password.RequireNonAlphanumeric = false; options.Password.RequireUppercase = false; options.Password.RequireLowercase = false; }) .AddEntityFrameworkStores<SecurityDbContext>() .AddDefaultTokenProviders();

AS.NET Core绝对是好东西...

AS.NET Core is definitively good stuff ...