How to customize authentication to my own set of tables in asp.net web api 2?

时间:2022-10-26 20:38:11

ssuming your table is called AppUser, convert your own AppUser domain object to IUser(using Microsoft.AspNet.Identity) like this

using Microsoft.AspNet.Identity; public class AppUser : IUser { //Existing database fields public long AppUserId { get; set; } public string AppUserName { get; set; } public string AppPassword { get; set; } public AppUser() { this.Id = Guid.NewGuid().ToString(); } [Ignore] public virtual string Id { get; set; } [Ignore] public string UserName { get { return AppUserName; } set { AppUserName = value; } } }

Implement the UserStore object like this

using Microsoft.AspNet.Identity; public class UserStoreService : IUserStore<AppUser>, IUserPasswordStore<AppUser> { CompanyDbContext context = new CompanyDbContext(); public Task CreateAsync(AppUser user) { throw new NotImplementedException(); } public Task DeleteAsync(AppUser user) { throw new NotImplementedException(); } public Task<AppUser> FindByIdAsync(string userId) { throw new NotImplementedException(); } public Task<AppUser> FindByNameAsync(string userName) { Task<AppUser> task = context.AppUsers.Where(                               apu => apu.AppUserName == userName) .FirstOrDefaultAsync(); return task; } public Task UpdateAsync(AppUser user) { throw new NotImplementedException(); } public void Dispose() {         context.Dispose(); } public Task<string> GetPasswordHashAsync(AppUser user) { if (user == null) { throw new ArgumentNullException("user"); } return Task.FromResult(user.AppPassword); } public Task<bool> HasPasswordAsync(AppUser user) { return Task.FromResult(user.AppPassword != null); } public Task SetPasswordHashAsync(AppUser user, string passwordHash) { throw new NotImplementedException(); }  }

If you have your own custom password hashing you will also need to implement IPasswordHasher. Below is an example where there is no hashing of the password(Oh no!)

using Microsoft.AspNet.Identity; public class MyPasswordHasher : IPasswordHasher { public string HashPassword(string password) { return password; } public PasswordVerificationResult VerifyHashedPassword (string hashedPassword, string providedPassword) { if (hashedPassword == HashPassword(providedPassword)) return PasswordVerificationResult.Success; else return PasswordVerificationResult.Failed; } }

In Startup.Auth.cs replace

UserManagerFactory = () => new UserManager<IdentityUser>(new UserStore<IdentityUser>());

with

 UserManagerFactory = () => new UserManager<AppUser>(new UserStoreService()) { PasswordHasher = new MyPasswordHasher() };

In ApplicationOAuthProvider.cs, replace IdentityUserwith AppUser

In AccountController.cs, replace IdentityUser with AppUser and delete all the external authentication methods like GetManageInfo and RegisterExternal etc.