asp.net-identity

问题 I'm using the ASPNET Identity tables for my MVC 5 application. Each night we perform "maintenance" on our database. If we modify something under that user, I want to inactivate their current session so that the next action they perform in the web application will kick them back to the login screen. The authentication/authorization already is built into my application using AspNet.Identity. I just need a way to wake it up by setting a flag if it exists. For example the ASPNETUsers table has an

问题 When I use IdentityUser model in Asp.Net Identity with EntityFramework , it creates some standard fields in the database. All the fields are self explanatory except for the below two fields. NormalizedUsername - Which contains the uppercase value of the Username NormalizedEmail - Which contains the uppercase value of the Email My doubts are: Why do we need these Normalized fields? Where does it get used? What is the purpose of persisting it in the database? 回答1: By my understanding, both

问题 When I use IdentityUser model in Asp.Net Identity with EntityFramework , it creates some standard fields in the database. All the fields are self explanatory except for the below two fields. NormalizedUsername - Which contains the uppercase value of the Username NormalizedEmail - Which contains the uppercase value of the Email My doubts are: Why do we need these Normalized fields? Where does it get used? What is the purpose of persisting it in the database? 回答1: By my understanding, both

问题 We have a multitenant architecture with more than one user like below with identity core library: public class ApplicationUser : IdentityUser { } public class Tenant1User: ApplicationUser { public int deneme { get; set; } } public class Tenant2User: ApplicationUser { public string City { get; set; } public string Picture { get; set; } public DateTime? BirthDay { get; set; } public int Gender { get; set; } } We wanted to use UserManager generically in controllers constructors when injecting

问题 I'm migrating a Web Forms application from Forms Authentication to OpenID Connect (using OWIN and IdentityServer3). The application already has a lot of 'authorization' elements (for various locations) in the web.config which I would like to reuse after migrating to OWIN. <authorization> <deny users="?" /> </authorization> <location path="Path/Page.aspx"> <system.web> <authorization> <allow users="*" /> </authorization> </system.web> </location> ... The problem is that after I switch to OWIN

问题 I have recently created an ASP.NET Core 3.0 web application project in Visual Studio 2019 (with Docker enabled, but I don't think that's relevant), and don't seem to be able to disable HTTPS when including ASP.NET Identity for individual user accounts. Whenever I launch the app in the debugger the page opens using HTTPS and navigating to HTTP redirects me back again. I've tried creating a new project to test out what is going on, and have found the following: When creating the project I

问题 Good day, How do i validate security stamp to prevent multiple login from single user in Asp.Net Core 2 as there's no SecurityStampValidationInterval in IdentityOption . Thanks in advance. 回答1: I have used Microsoft.Extensions.Caching.Memory.IMemoryCache to implement the same. (Stored the usernames in cache) At the time of login (we can do this before validating the password) Step 1: Use Memory Cache as DI to the controller. private IMemoryCache SiteCache = null; public LoginHelper

问题 I implemented Microsoft Identity and JWT in my web api, a client can login and get a JWT token and store it in the application. since the expiration of the token the user can access the the server, but if I remove a user from my database, the removed user still has its token and can access the web api, how can I check the validation of the user? 回答1: One option is to validate the current user on the JwtBearerEvent OnTokenValidated event which will be triggered after every successful

问题 I implemented Microsoft Identity and JWT in my web api, a client can login and get a JWT token and store it in the application. since the expiration of the token the user can access the the server, but if I remove a user from my database, the removed user still has its token and can access the web api, how can I check the validation of the user? 回答1: One option is to validate the current user on the JwtBearerEvent OnTokenValidated event which will be triggered after every successful

来源： https://stackoverflow.com/questions/58948479/is-it-safe-to-use-requirerole-without-requireauthenticateduser-in-asp-net