在MVC 5成員中更改密碼長度

Question

嘗試將默認的最小密碼長度更改爲4個字符。我知道，4！可笑，對！不是我的電話。

無論如何，我在RegisterViewModel上更改了它，但實際上並沒有改變它。爲了說明我已經發布了下面的代碼。 ModleState.IsValid根據更新的ViewModel正確返回。然而，然後調用UserManager.CreateAsync()與一條錯誤消息返回False「密碼必須至少6個字符」

我已經按照這個，非常類似的帖子（Change Password...）的步驟，但它並不適用於MVC 5個工作據我所知，就我而言。它仍然返回相同的消息。

// 
    // POST: /Account/Register 
    [HttpPost] 
    [AllowAnonymous] 
    [ValidateAntiForgeryToken] 
    public async Task<ActionResult> Register(RegisterViewModel model) 
    { 
     if (ModelState.IsValid) 
     { 
      var user = new ApplicationUser() { UserName = model.UserName, LastLogin = model.LastLogin }; 


// This is where it 'fails' on the CreateAsync() call 
        var result = await UserManager.CreateAsync(user, model.Password); 
        if (result.Succeeded) 
        { 
         await SignInAsync(user, isPersistent: false); 
         return RedirectToAction("Index", "Home"); 
        } 
        else 
        { 
         AddErrors(result); 
        } 
       } 
      // If we got this far, something failed, redisplay form 
      return View(model); 
     } 

Answer 1

正如你可以看到UserManager有是當前用硬編碼參數this.PasswordValidator = (IIdentityValidator<string>) new MinimumLengthValidator(6);初始化在UserManager的構造密碼驗證公共財產IIdentityValidator<string> PasswordValidator。

您可以使用具有所需密碼長度的MinimumLengthValidator對象來設置此屬性。

Answer 2

檢查下面的文章在MSDN

Implementing custom password policy using ASP.NET Identity

這裏的建議是延長UserManager類的應用程序，並在構造設置PasswordValidator屬性：

public class MyUserManager : UserManager<ApplicationUser> 
{ 
    public MyUserManager() : 
     base(new UserStore<ApplicationUser>(new ApplicationDbContext())) 
    { 
     PasswordValidator = new MinimumLengthValidator(4); 
    } 
} 

然後在您的控制器（或控制器基類）實例化MyUserManager：

public BaseController() : this(new MyUserManager()) 
{ 
} 

public BaseController(MyUserManager userManager) 
{ 
    UserManager = userManager; 
} 

public MyUserManager UserManager { get; private set; } 

您也可以通過實施IIdentityValidator並替換默認驗證程序來實現自定義驗證程序以檢查更復雜的密碼規則。

Answer 3

您可以使用App_Start目錄中的IdentityConfig.cs文件中找到的PasswordValidator來設置密碼屬性。

public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context) 
    { 
     var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>())); 
     // Configure validation logic for usernames 
     manager.UserValidator = new UserValidator<ApplicationUser>(manager) 
     { 
      AllowOnlyAlphanumericUserNames = false, 
      RequireUniqueEmail = true 
     }; 

     // Configure validation logic for passwords 
     manager.PasswordValidator = new PasswordValidator 
     { 
      RequiredLength = 6, 
      RequireNonLetterOrDigit = false, 
      RequireDigit = true, 
      RequireLowercase = true, 
      RequireUppercase = true, 
     }; 

     // Configure user lockout defaults 
     manager.UserLockoutEnabledByDefault = true; 
     manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5); 
     manager.MaxFailedAccessAttemptsBeforeLockout = 5; 

     // Register two factor authentication providers. This application uses Phone and Emails as a step of receiving a code for verifying the user 
     // You can write your own provider and plug it in here. 
     manager.RegisterTwoFactorProvider("Phone Code", new PhoneNumberTokenProvider<ApplicationUser> 
     { 
      MessageFormat = "Your security code is {0}" 
     }); 
     manager.RegisterTwoFactorProvider("Email Code", new EmailTokenProvider<ApplicationUser> 
     { 
      Subject = "Security Code", 
      BodyFormat = "Your security code is {0}" 
     }); 
     manager.EmailService = new EmailService(); 
     manager.SmsService = new SmsService(); 
     var dataProtectionProvider = options.DataProtectionProvider; 
     if (dataProtectionProvider != null) 
     { 
      manager.UserTokenProvider = 
       new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity")); 
     } 
     return manager; 
    }