asp.net-identity

问题 I'm using Identity Core 1.0 with ASP.NET MVC Core 1.0 and Entity Framework Core 1.0 to create a simple user registration system with this article as a starting point, and I am trying to add user roles. I can add user roles, but I'm unable to edit them. Here is the Edit action in the RolesController : [HttpPost] [ValidateAntiForgeryToken] public IActionResult Edit(IdentityRole role) { try { _db.Roles.Attach(role); _db.Entry(role).State = Microsoft.EntityFrameworkCore.EntityState.Modified; _db

问题 I am trying to write Unit Test for Register Method at AccountController I am using moq and what is the correct way to mock ApplicationUserManager, ApplicationRoleManager and ApplicationSignInManager from Unit Test. public AccountController(ApplicationUserManager userManager, ApplicationRoleManager roleManager, ApplicationSignInManager signInManager) { UserManager = userManager; RoleManager = roleManager; SignInManager = signInManager; } public ApplicationUserManager UserManager { get { return

问题 This has to be simple, but I'm going bug-eyed trying to find the answer. How does a controller action get a reference to the per-request ApplicationDbContext that was stashed in the Owin pipeline? EDIT: Ok, I think I'm getting closer... or maybe not... All of my Googling seems to lead to this blog post, which sez to use: var dbContext = context.Get<ApplicationDbContext>(); where context is apparently an instance of Microsoft.Owin.IOwinContext . So I tried: var db = HttpContext.GetOwinContext(

问题 I am using custom implementation of microsoft asp.net identity because i have custom tables that is why i have given custom implementation of all my methods IUserStore and IUserPasswordStore . Problem is when user logins then after 10 - 15 minutes login user session gets expired but what i want is unless user logs out i want to keep user login in to the system. Code: public partial class Startup { public void ConfigureAuth(IAppBuilder app) { app.CreatePerOwinContext(ApplicationDbContext

问题 I need background about two features of ASP.NET Identity please: Security token - What is it? is it a temporary password sent to the user's email? Security Stamp - Is it something else than security tokens? If yes, what's its purpose? how are they different? Thanks, ashilon 回答1: Try to answer your questions in order: Tokens are used in Identity in several ways. You can use them to reset a password or confirm the email address of a user. Here you generate a token specific for the appropriate

问题 I have a .Net Core 2.0 application that uses JWT tokens to authorize the user. This all works fine but I want to have some sort of API Key mechanism to allow other applications to integrate but I cannot seem to get this to work with the current authentication. Code: Startup.cs public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, IMemoryCache cache, IServiceProvider serviceProvider) { app.UseAuthentication(); ApiKeyMiddlewear(app,

问题 public EmployeeDTO AuthenticateEmployee(string username, string password) { try { var userLogin = UnitOfWork.UserLoginRepository.Get(x => x.UserName == username).FirstOrDefault(); if (userLogin == null) return null; else { var userStore = new UserStore<IdentityUser>(); var userManager = new UserManager<IdentityUser>(userStore); // this throws an error. var user = userManager.Find("username", "password"); } } } Results in error: Could not load type 'System.ComponentModel.DataAnnotations.Schema

问题 EDIT: Per discussion in the comments, let me clarify that this will be happening server side, behind SSL. I do not intend to expose the hashed password or the hashing scheme to the client. Assume we have an existing asp.net identity database with the default tables (aspnet_Users, aspnet_Roles, etc.). Based on my understanding, the password hashing algorithm uses sha256 and stores the salt + (hashed password) as a base64 encoded string. EDIT: This assumption is incorrect, see answer below. I

问题 Introducing ASP.NET Identity – A membership system for ASP.NET applications http://blogs.msdn.com/b/webdev/archive/2013/06/27/introducing-asp-net-identity-membership-system-for-asp-net-applications.aspx Now when creating a new web application with ASP.NET 4.5, we have the new "ASP.NET Identity". I manage to let my application to use my MSSQL database with the build in register/login/change password functions, but I am not sure how to do other operation like old days ( especially the "ASP.NET

问题 When I create user by Register action whe application is running the application user gets SecurityStamp. When I add user by: if (!context.Users.Any()) { System.Diagnostics.Debug.WriteLine("INSIDE"); var hasher = new PasswordHasher(); try { var users = new List<ApplicationUser> { new ApplicationUser{PasswordHash = hasher.HashPassword("TestPass44!"), Email = "informatyka4444@wp.pl", UserName = "informatyka4444@wp.pl"}, new ApplicationUser{PasswordHash = hasher.HashPassword("TestPass44!"),