Or how can I reset without knowing the current one (user forgot password)? If you want to change a password using the UserManager but you do not want to supply the user’s current password, you can generate a password reset token and then use it immediately instead. string resetToken = await UserManager.GeneratePasswordResetTokenAsync(model.Id); IdentityResult passwordChangeResult = … Read more
Create a DbContext factory public static class DbContextFactory { public static Dictionary<string, string> ConnectionStrings { get; set; } public static void SetConnectionString(Dictionary<string, string> connStrs) { ConnectionStrings = connStrs; } public static MyDbContext Create(string connid) { if (!string.IsNullOrEmpty(connid)) { var connStr = ConnectionStrings[connid]; var optionsBuilder = new DbContextOptionsBuilder<MyDbContext>(); optionsBuilder.UseSqlServer(connStr); return new MyDbContext(optionsBuilder.Options); } else { throw … Read more
When the SecurityStampValidator fires the regenerateIdentity callback, the currently authenticated user gets re-signed in with a non-persistent login. This is hard-coded, and I don’t believe there is any way to directly control it. As such, the login session will continue only to the end of the browser session you are running at the point the … Read more
Create a new Microsoft.Owin.Security.Facebook.AuthenticationOptions object in Startup.ConfigureAuth (StartupAuth.cs), passing it the FacebookAppId, FacebookAppSecret, and a new AuthenticationProvider. You will use a lambda expression to pass the OnAuthenticated method some code to add Claims to the identity which contain the values you extract from context.Identity. This will include access_token by default. You must add email to … Read more
If you follow all steps of adding a custom field to user, you will finish the tasks successfully. Here is all steps to add a custom field to user: Create an ASP.NET Web Application Make sure you select MVC and the Authentication is Individual User Accounts Go to Models folder → Open IdentityModels.cs → ApplicationUser … Read more
Move the ApplicationUser definition to your DAL. Inherit your MyDbContext from IdentityDbContext<ApplicationUser> or IdentityDbContext OnModelCreating – Provide the foreign key info. Pass MyDbContext while creating the UserManager<ApplicationUser>
Yes, you can. Authentication and Authorization parts work independently. If you have your own authentication service you can just use OWIN’s authorization part. Consider you already have a UserManager which validates username and password. Therefore you can write the following code in your post back login action: [HttpPost] public ActionResult Login(string username, string password) { … Read more
You can allow this by plugging in your own UserValidator on the UserManager, or just by turning it off on the default implementation: UserManager.UserValidator = new UserValidator<TUser>(UserManager) { AllowOnlyAlphanumericUserNames = false }
what does claim mechanism means in new ASP.NET Identity Core? There are two common authorization approaches that are based on Role and Claim. Role-Based Security A user gets assigned to one or more roles through which the user gets access rights. Also, by assigning a user to a role, the user immediately gets all the … Read more
The async actions are useful only when you are performing I/O bound operations such as remote server calls. The benefit of the async call is that during the I/O operation, no ASP.NET worker thread is being used. So here’s how the first example works: When a request hits the action, ASP.NET takes a thread from … Read more