asp.net-identity

问题 I wonder why asp.net mvc 5 Identity user uses string(GUID) as key not an int by default? Are there any reason to do this? I know that it is possible to change the key to int, but is this change good practice at all? May be this ids are kept somewhere in the cookie, or are used in OAUTH, and it is not recommended to do this? 回答1: Two things that come on top of my head are that int has a limitation where as GUID doesn't and that if I know my ID is 76, I can know the ids of at least 75 more

问题 I am trying to signin certificate (OpenIddict), but I get error when trying with thumbprint: options.AddSigningCertificate(Configuration["Certificate"]/* db b9 12 .... 22 */); and the error: Application startup exception: System.Security.Cryptography.CryptographicException: OpenCSP failed with error code 2148073494. in this line: app.UseOpenIddict(); If I tried with X509Certificate2 I also get error: var cert = new X509Certificate2(Configuration["Certificate"]/*path to file.cer*/); options

问题 I am using the standard ASP.net OWIN OAuth middleware system to authenticate local users with Bearer tokens. What I would like to do is is hand out role-based tokens for the same user account. eg. OAuth TokenA => General User Privileges UserA -> OAuth TokenB => Admin User Privileges Is this supported in any way? 回答1: I was able to solve this using the following method - //ensure the token is a User role token only identity.AddClaim(new Claim(ClaimTypes.Role, "User")); Where 'identity' is an

问题 I've looked around on how to do this but no luck so far. Anyone know where to start? Basically my company have active directory server and I build a site where user will use their company account to login. I've tried Organizational Accounts option from Visual Studio Web Application but it returned Invalid domain name . Pic below Any help will be appreciated. 回答1: From what I understand of your question, you're looking for forms authentication via Active Directory, which would be 'Individual

问题 I am implementing 2 factor authentication in WebApi, asp.net identity and OWIN. Every time I log in, I get SignInStatus = Success never reaches to SignInStatus = RequiresVerification though user TwoFactorAuthentication is enabled. Below are some code snippets, Startup.cs: private void ConfigureAuth(IAppBuilder app) { app.UseCookieAuthentication(new CookieAuthenticationOptions()); app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie); app.UseTwoFactorSignInCookie

问题 I created MVC 4 application. In that application If user forgot the password , I have method to send an email to user to reset password. If Admin want to change user current password ,I have method to send an email to user with relevant details. So I'm getting same error when I try to send email I'm getting errors like following Error that I'm getting for Forgot Password method Error that I'm getting for Edit User method Seems like I'm having trouble when I try to send email , I'm using asp

问题 I am new to Unity, and Identity, and I have restructured my implementation of Identity 2 to use int Keys instead of strings. I followed this article. It works great at this point. However, I am using Unity for IoC, and it works wonderfully with my repositories, however, I am struggling getting it to work with the Identity side. I followed this article to switch. I have seen questions similar to this, but all of them were using string Keys, so I assume I have something funky somewhere since I

问题 I'm using Microsoft.AspNet.Identity.Core 2.2.1 in my solution. I need to integrate this with another system that should automatically add claims. In order to keep track of which claims are manually added and which are created by an external system, I would like another column on my AspNetUserClaims table: ExternalSystem varchar(64) null How do I do this using EF Migrations (or without if nescessary), seeing as I don't actually have the claims class in my solution? 回答1: You can create our own

问题 I am looking for the easiest way to implement JSON Web Token authentication using IdentityModel.Tokens.Jwt . Here is a link to a package itself: JSON Web Token Handler For the Microsoft .Net Framework 4.5 4.0.1 回答1: This is what worked for me: var securityKey = new InMemorySymmetricSecurityKey(Encoding.Default.GetBytes("MySecretKey")); var header = new JwtHeader(new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature, SecurityAlgorithms.Sha256Digest)); var payload = new

问题 I am using asp.net Identity in my project. In VerifyPhoneNumber view, when user confirm his phone number, he is logged out ( .AspNetApplicationCookie is removed. I checked this from Resource tab inspect chrome). Code of VerifyPhoneNumber action in ManageController : if (!ModelState.IsValid) { return View(model); } string phoneNumber = UserManager.GetPhoneNumber(User.Identity.GetUserId()); var result = await UserManager.ChangePhoneNumberAsync(User.Identity.GetUserId(), phoneNumber, model.Code)