public static void AddCustomIdentity(this IServiceCollection services, CustomIdentityOptions identityOptions)
{
services.AddIdentity <User, Role>(options =>
{
//options.Password.RequireDigit = identityOptions.PasswordOptions.RequireDigit;
options.Password.RequiredLength = identityOptions.PasswordOptions.RequiredLength;
//options.Password.RequiredUniqueChars = identityOptions.PasswordOptions.RequiredUniqueChars;
//options.Password.RequireLowercase = identityOptions.PasswordOptions.RequireLowercase;
//options.Password.RequireNonAlphanumeric = identityOptions.PasswordOptions.RequireNonAlphanumeric;
//options.Password.RequireUppercase = identityOptions.PasswordOptions.RequireUppercase;
options.Password.RequireUppercase = false;
options.Password.RequireLowercase = false;
options.Password.RequireNonAlphanumeric = false;
options.User.RequireUniqueEmail = identityOptions.UserOptions.RequireUniqueEmail;
//options.User.AllowedUserNameCharacters = identityOptions.UserOptions.AllowedUserNameCharacters;
////SignIn options
//options.SignIn.RequireConfirmedAccount = identityOptions.SigninOptions.RequireConfirmedAccount;
//options.SignIn.RequireConfirmedEmail = identityOptions.SigninOptions.RequireConfirmedEmail;
//options.SignIn.RequireConfirmedPhoneNumber = identityOptions.SigninOptions.RequireConfirmedPhoneNumber;
////Lockout options
//options.Lockout.AllowedForNewUsers = identityOptions.LockoutOptions.AllowedForNewUsers;
//options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(identityOptions.LockoutOptions.DefaultLockoutMinutes);
//options.Lockout.MaxFailedAccessAttempts = identityOptions.LockoutOptions.MaxFailedAccessAttempts;
})
.AddEntityFrameworkStores <ApplicationDbContext>()
.AddDefaultTokenProviders();
}
private void ConfigIdentity(IServiceCollection services, IHostingEnvironment hostingEnv)
{
var jwtOptions = new JwtOptions();
Configuration.GetSection(nameof(JwtOptions)).Bind(jwtOptions);
SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(jwtOptions.SecretKey));
// ConfigureMaps JwtIssuerOptions
services.Configure <JwtOptions> (options =>
{
options.Issuer = jwtOptions.Issuer;
options.Audience = jwtOptions.Audience;
options.InstanceClaimName = jwtOptions.InstanceClaimName;
options.SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
});
var tokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtOptions.Issuer,
ValidateAudience = true,
ValidAudience = jwtOptions.Audience,
ValidateIssuerSigningKey = true,
IssuerSigningKey = signingKey,
RequireExpirationTime = true,
ValidateLifetime = true,
ClockSkew = TimeSpan.Zero
};
var tokenCache = new JwtTokenCache();
services.AddSingleton(tokenCache);
services.AddAuthentication(options =>
{
options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
})
.AddJwtBearer(options =>
{
options.TokenValidationParameters = tokenValidationParameters;
options.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = OnRedirectToLogin
};
});
var identityOptions = new CustomIdentityOptions();
Configuration.GetSection(nameof(CustomIdentityOptions)).Bind(identityOptions);
IdentityBuilder builder = services.AddIdentityCore <User> (options =>
{
options.User.RequireUniqueEmail = identityOptions.UserRequireUniqueEmail;
options.Password.RequiredLength = identityOptions.PasswordRequiredLength;
options.Password.RequireDigit = identityOptions.PasswordRequireDigit;
options.Password.RequireLowercase = identityOptions.PasswordRequireLowercase;
options.Password.RequireNonAlphanumeric = identityOptions.PasswordRequireNonAlphanumeric;
options.Password.RequireUppercase = identityOptions.PasswordRequireUppercase;
options.Lockout.MaxFailedAccessAttempts = identityOptions.LockoutMaxFailedAccessAttempts;
});
builder = new IdentityBuilder(builder.UserType, typeof(IdentityRole), builder.Services)
.AddEntityFrameworkStores <AdminContext> ()
.AddDefaultTokenProviders();
builder.AddRoleValidator <RoleValidator <IdentityRole> > ();
builder.AddRoleManager <RoleManager <IdentityRole> > ();
builder.AddSignInManager <SignInManager <User> > ();
builder.AddUserValidator <UserValidator <User> > ();
}
