我们实施了一个管理系统,允许管理员更改密码复杂性规则。启动时,这些选项将应用于services.AddIdentity<User, Role>(setupAction)中的核心标识 asp.net。因此,每当我们重新启动服务器应用程序时,都会应用这些选项。我们如何在运行时强制重新加载这些设置(无需重新启动应用程序(
不要在"启动"中设置选项。而是添加自定义密码验证器:
services.AddIdentity<ApplicationUser, IdentityRole>()
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders()
.AddPasswordValidator<UsernameAsPasswordValidator<ApplicationUser>>();
寄件人: https://andrewlock.net/creating-custom-password-validators-for-asp-net-core-identity-2/
从
服务中删除密码选项。AddIdentity<User,>(setupAction(
然后使用 services.Configure<IdentityOptions>(options =>{ options.Password.RequireDigit = 3;....});添加密码选项
从数据库更改标识选项的示例
private readonly UnitOfWork _unitOfWork;
private readonly IdentityOptions options;
private readonly DataProtectionTokenProviderOptions _tokenProviderOptions;
private readonly EmailConfirmationTokenProviderOptions _emailTokenProrvider;
public UpdateHandler(UnitOfWork unitOfWork, IOptions<IdentityOptions> options,
IOptions<DataProtectionTokenProviderOptions> tokenProviderOptions,
IOptions<EmailConfirmationTokenProviderOptions> emailTokenProrvider)
{
_unitOfWork = unitOfWork;
_emailTokenProrvider = emailTokenProrvider.Value;
_tokenProviderOptions = tokenProviderOptions.Value;
this.options = options.Value;
}
public async Task<ResultResponse> Handle(UpdatePolicy request, CancellationToken cancellationToken)
{
if (_unitOfWork.IdentitySettingPolicy.SettingExist(request.IdentitySetting.Id))
{
var setting = request.IdentitySetting;
_unitOfWork.IdentitySettingPolicy.UpdateSetting(request.IdentitySetting);
_unitOfWork.Save();
options.Password.RequireDigit = setting.RequireDigit;
options.Password.RequiredLength = setting.RequiredLength;
options.Password.RequireNonAlphanumeric = setting.RequireNonAlphanumeric;
options.Password.RequireUppercase = setting.RequireUppercase;
options.Password.RequireLowercase = setting.RequireLowercase;
options.Password.RequiredUniqueChars = setting.RequiredUniqueChars;
// Lockout settings
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(setting.DefaultLockoutTimeSpanMinute);
options.Lockout.MaxFailedAccessAttempts = setting.MaxFailedAccessAttempts;
options.Lockout.AllowedForNewUsers = true;
// User settings
options.User.RequireUniqueEmail = false;
// SignIn settings
//options.SignIn.RequireConfirmedEmail = false;
// options.SignIn.RequireConfirmedPhoneNumber = false;
options.SignIn.RequireConfirmedAccount = setting.RequireConfirmedAccount;
//Email token provider
options.Tokens.EmailConfirmationTokenProvider = "EmailConFirmation";
_tokenProviderOptions.TokenLifespan = TimeSpan.FromHours(setting.TokenLifespanHour);
_emailTokenProrvider.TokenLifespan = TimeSpan.FromHours(setting.TokenLifespanHour);
return new ResultResponse(true, "Policy Updated", request.IdentitySetting);
}
throw new Exception(ErrorRes.EntityNotExist);
}
}