How to setup password expiration using ASP.NET Identity Framework

后端未结

关注

 2  1891

天涯浪人 2020-12-14 08:27

I have a ASP.NET project using Identity. For Identity Configuration regarding passwords, the PasswordValidator is being used. How do I expand the enforcement of

2条回答

隐瞒了意图╮ (楼主)

2020-12-14 09:10

There is no such functionality builtin ASP.NET Identity 2. Easiest is to add a field on the user like LastPasswordChangedDate. And then check this field during each Authorization.

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var user = await GetUser(context.UserName, context.Password);
        if(user.LastPasswordChangedDate.AddDays(20) < DateTime.Now)
           // user needs to change password

    }
}

0 讨论(0)

查看其它2个回答