Basic use of ASP. NET Identity 2.0.1 (ii)-User account and cookie configuration in ASP. NET Core 2.0.1
Modify user account and cookie configuration
First, change password strength and user mailbox validation rules:
Open Startup.cs and locate services in public void configureservices (iservicecollection services). Addidentity<applicationuser, Applicationrole> (). Adddefaulttokenproviders (); Add the following code as follows:
Services. configure<identityoptions> (options = { //Configure identity Options//Password Strength configurationOptions. Password.requiredigit =false;//whether a number (0-9) is required.Options. Password.requiredlength =6;//Set the minimum password length to 6Options. Password.requirenonalphanumeric =false;//whether it contains non-alphabetic or numeric characters. Options. Password.requireuppercase =false;//whether to include uppercase letters (A-Z).Options. Password.requirelowercase =false;//whether to include lowercase letters (A-Z).Options. Password.requireduniquechars =1;//the number of different characters in the password is required. Default is 1//Lock SettingsOptions. Lockout.defaultlockouttimespan = Timespan.fromminutes (5);//Account lockout duration 5 minutesOptions. Lockout.maxfailedaccessattempts =Ten;//10 failed attempts to lock the accountOptions. Lockout.allowedfornewusers =true;//whether to lock new users//User Registration SettingsOptions. User.requireuniqueemail =true;//whether the email address must be uniqueOptions. User.allowedusernamecharacters ="Ab[email protected]+";//User name optional character (letter case + number + ([email protected]+))//Login ConfigurationOptions. Signin.requireconfirmedemail =false;//you need to confirm the email login. The default is False. Options. Signin.requireconfirmedphonenumber =false;//need to confirm the phone number to sign in. The default is False. });
Second, modify the cookie configuration
Services in public void configureservices (iservicecollection services). Addidentity<applicationuser, Applicationrole> (). Adddefaulttokenproviders (), followed by (or just after adding the code above) add the following code: (// The option is very useful)
//cookie Common settings for ApplicationsServices. Configureapplicationcookie (options = { //options. Cookie.name = "Yourappcookiename";//the name of the cookied. Default is aspnetcore.cookies.Options. Cookie.httponly =true;//whether to deny cookies from client script access. True by default.Options. Expiretimespan = Timespan.fromminutes ( -);//The cookie remains valid for a period of 60 minutes. //timespan.fromdays ();Options. Loginpath ="/account/login";//automatically redirect when you log in. Options. Logoutpath ="/account/logout";//automatic redirection on logoff. //options. Accessdeniedpath = "/account/accessdenied"; //The user is redirected when there is no authorization check. //options. SlidingExpiration = true;//when True, the new cookie will issue a new expiry time when the current cookie is half past the expiration window. The default is true. //Requires ' using Microsoft.AspNetCore.Authentication.Cookies; '//options. Returnurlparameter = Cookieauthenticationdefaults.returnurlparameter;//401 status changed to 302 status and redirected to login path. });
Using the ASP. NET Core 2.0.1 Razor Learning Note (iii)