如何为ASP.NET身份密码规则？ [英] How to set password rules for ASP.NET identity?

问题描述

在我的ASP.NET应用程序中我已经在web.config中继DefaultMembershipProvider和SqlMembershipProvider的设置：

In my ASP.NET applications I have following settings in DefaultMembershipProvider and SqlMembershipProvider in web.config:

enablePasswordRetrieval="true"
passwordFormat="Clear" 
requiresQuestionAndAnswer="false" 

他们所需要的摘要式身份验证。我想移动到ASP.NET身份。我使用自动化的工具来更新我管理所有的web.config文件中。

They are required for Digest authentication. I would like to move to ASP.NET Identity. I am using automated tool to update all web.config files that I manage.

我如何设置由Visual Studio 2013生成的项目为ASP.NET识别这些设置吗？

How do I set these settings for ASP.NET Identity in the project generated by Visual Studio 2013?

推荐答案

您需要提供 IPasswordHasher 的实施可以不受哈希提供清晰的口令。您可以设置为UserManager.PasswordHasher您的实现。

You need to provide IPasswordHasher implementation that can provide clear password without hashing. You can set UserManager.PasswordHasher to your implementation.

截至目前，对于没有身份的web.config配置的设置。您需要提供可配置的适当搭配在code，主要集中在Startup.cs

As of now, there is no web.config configurable settings for Identity. You need to provide appropriate mix of configurable in code, mainly in Startup.cs

的不建议储存口令以明文格式。的

public class ClearPassword : IPasswordHasher
{
    public string HashPassword(string password)
    {
        return password;
    }

    public PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
    {
        if(hashedPassword.Equals(providedPassword))
            return PasswordVerificationResult.Success;
        else return PasswordVerificationResult.Failed;
    }
}

这篇关于如何为ASP.NET身份密码规则？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！