CQRS学习——集成ASP.NET Identity[其五]

【其实和Cqrs没啥关系】

缘由

其实没啥原因，只是觉得以前写了不知多少遍的用户登录复用性太差，实现的功能也不多。

依赖的Nuget包

public partial class Startup
{
//配置Identity身份验证
public void ConfigureAuth(IAppBuilder app)
{
app.CreatePerOwinContext(() => new DpfbUserStore());
app.CreatePerOwinContext((IdentityFactoryOptions<AppUserManager> options,
IOwinContext context) =>
{
var manager = new AppUserManager();

//用户信息验证
manager.UserValidator = new UserValidator<DpfbUser, Guid>(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = false
};

//密码验证
manager.PasswordValidator = new PasswordValidator
{
RequiredLength = 6,
RequireNonLetterOrDigit = true,
RequireDigit = true,
RequireLowercase = true,
RequireUppercase = true,
};

//配置最大出错次数
manager.UserLockoutEnabledByDefault = true;
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
manager.MaxFailedAccessAttemptsBeforeLockout = 5;

//开启两步验证
manager.RegisterTwoFactorProvider("PhoneCode", new PhoneNumberTokenProvider<DpfbUser, Guid>
{
MessageFormat = "Your security code is: {0}"
});
manager.RegisterTwoFactorProvider("EmailCode", new EmailTokenProvider<DpfbUser, Guid>
{
Subject = "SecurityCode",
BodyFormat = "Your security code is {0}"
});

//配置消息服务
manager.EmailService = new EmailService();
manager.SmsService = new SmsService();

var dataProtectionProvider = options.DataProtectionProvider;
if (dataProtectionProvider != null)
{
manager.UserTokenProvider =
new DataProtectorTokenProvider<DpfbUser, Guid>(dataProtectionProvider.Create("ASP.NET Identity"));
}
return manager;
});
app.CreatePerOwinContext(()=>new AppSignInManager());

//配置Cookie
app.UseCookieAuthentication(new CookieAuthenticationOptions
{
AuthenticationType = DefaultAuthenticationTypes.ApplicationCookie,
LoginPath = new PathString("/system/login"),
Provider = new CookieAuthenticationProvider
{
// Enables the application to validate the security stamp when the user logs in.
// This is a security feature which is used when you change a password or add an external login to your account.
OnValidateIdentity = SecurityStampValidator.OnValidateIdentity<AppUserManager, DpfbUser, Guid>(
TimeSpan.FromMinutes(30),
(AppUserManager manager, DpfbUser user) =>
manager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie),
user => new Guid(user.GetUserId<string>()))
}
});
app.UseExternalSignInCookie(DefaultAuthenticationTypes.ExternalCookie);

// Enables the application to temporarily store user information when they are verifying the second factor in the two-factor authentication process.
app.UseTwoFactorSignInCookie(DefaultAuthenticationTypes.TwoFactorCookie, TimeSpan.FromMinutes(5));

// Enables the application to remember the second login verification factor such as phone or email.
// Once you check this option, your second step of verification during the login process will be remembered on the device where you logged in from.
// This is similar to the RememberMe option when you log in.
app.UseTwoFactorRememberBrowserCookie(DefaultAuthenticationTypes.TwoFactorRememberBrowserCookie);
}
}

View Code

修改密码

AppUserManager的基类有个属性RequireUniqueEmail，当这个属性被置为true的时候，修改密码（以及其他敏感操作）会要求Email验证，对于内部系统而言，可以将这个属性置为false。

...

【加功能的时候再补充】