Asp。Net 5 (vNext) -如何实现自定义密码验证等。

时间:2022-07-07 02:42:19

I'm prototyping a web application using ASP.NET 5. The template project Visual Studio 2015 creates is useful, but it uses Entity Framework which I don't want to use. I already have my own logic for verifying passwords to login, create new users etc. using ADO.NET.

我正在用ASP原型化一个web应用程序。净5。Visual Studio 2015创建的模板项目非常有用,但是它使用的是我不想使用的实体框架。我已经有了自己的逻辑来验证密码登录,使用ADO.NET创建新用户等。

For example, the template project uses functions like SignInManager.PasswordSignInAsync(email, password, rememberMe, false);, but I want to implement my own code for doing this, I'm not sure where I can override this behaviour.

例如,模板项目使用像SignInManager这样的函数。PasswordSignInAsync(电子邮件、密码、记住我、false);但是我想实现我自己的代码,我不确定在哪里可以重写这种行为。

I suspect the config code in the Startup class needs to be changed, this code for example:

我怀疑启动类中的配置代码需要修改,例如:

services.AddIdentity<ApplicationUser, IdentityRole>().AddEntityFrameworkStores<ApplicationDbContext>().AddDefaultTokenProviders();

Looks like it is setting up the identity logic to use the EF, I imagine I need to implement my own versions of IUserStore and other interfaces, but I'm not sure where to start and I can't find any examples of how to do this.

看起来它是在设置身份逻辑来使用EF,我想我需要实现我自己的IUserStore和其他接口的版本,但是我不确定从哪里开始,我找不到任何例子来做这个。

thanks

谢谢

1 个解决方案

#1


1  

First rule of security DO NOT CREATE YOUR OWN SECURITY.

安全的第一条规则不创建您自己的安全。

Do NOT write your own PASSWORD VERIFICATION.

不要编写自己的密码验证。

Now that's out of the way.

这就不碍事了。

You are allowed to write your own Identity Store.

您可以编写自己的标识库。

Check out the official tutorial.

查看官方教程。

The basic premise is that you Implement your own IUser<T> and a IUserStore<IUser<T>> that allows the .net identity provider to access your storage. However at the end of the day...there should be a ADO.Net Identity Store.

基本前提是您实现自己的IUser 和IUserStore >,允许.net标识提供程序访问您的存储。然而,在一天结束的时候……这应该有点麻烦。净的身份。

#1


1  

First rule of security DO NOT CREATE YOUR OWN SECURITY.

安全的第一条规则不创建您自己的安全。

Do NOT write your own PASSWORD VERIFICATION.

不要编写自己的密码验证。

Now that's out of the way.

这就不碍事了。

You are allowed to write your own Identity Store.

您可以编写自己的标识库。

Check out the official tutorial.

查看官方教程。

The basic premise is that you Implement your own IUser<T> and a IUserStore<IUser<T>> that allows the .net identity provider to access your storage. However at the end of the day...there should be a ADO.Net Identity Store.

基本前提是您实现自己的IUser 和IUserStore >,允许.net标识提供程序访问您的存储。然而,在一天结束的时候……这应该有点麻烦。净的身份。