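/// <summary>
/// Seeds the identity store with the built-in users, roles and permissions and
/// links them together. Every step looks the record up by name first, so records
/// that already exist are left as they are.
/// </summary>
/// <param name="context">
/// Database context. It is only null-checked here; the managers are resolved from
/// the OWIN context of the current HTTP request, so an active request is required.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
/// <exception cref="InvalidOperationException">A default user could not be created.</exception>
public static void InitializeIdentity(ApplicationDbContext context)
{
    #region Contracts

    if (context == null) throw new ArgumentNullException("context");

    #endregion

    // Default - User
    // NOTE(review): the default credentials are compile-time constants, so they ship
    // inside the assembly and are identical on every deployment. Prefer reading them
    // from protected configuration and rotating them after the first sign-in.
    const string adminUserName = "******";
    const string adminUserPassword = "******";
    const string guestUserName = "******";
    const string guestUserPassword = "******";

    // Default - Role
    const string adminRoleName = "Admin";
    const string guestRoleName = "Guest";

    // Default - Permission
    const string aboutPermissionName = "AboutAccess";
    const string contactPermissionName = "ContactAccess";

    // Manager
    var owinContext = HttpContext.Current.GetOwinContext();
    var userManager = owinContext.Get<ApplicationUserManager>();
    var roleManager = owinContext.Get<ApplicationRoleManager>();
    var permissionManager = owinContext.Get<ApplicationPermissionManager>();

    // User
    var adminUser = EnsureSeedUser(userManager, adminUserName, adminUserPassword);
    var guestUser = EnsureSeedUser(userManager, guestUserName, guestUserPassword);

    // Role
    var adminRole = roleManager.FindByName(adminRoleName);
    if (adminRole == null)
    {
        adminRole = new ApplicationRole(adminRoleName);
        roleManager.Create(adminRole);
    }

    var guestRole = roleManager.FindByName(guestRoleName);
    if (guestRole == null)
    {
        guestRole = new ApplicationRole(guestRoleName);
        roleManager.Create(guestRole);
    }

    // Permission
    var aboutPermission = permissionManager.FindByName(aboutPermissionName);
    if (aboutPermission == null)
    {
        aboutPermission = new ApplicationPermission(aboutPermissionName);
        permissionManager.Create(aboutPermission);
    }

    var contactPermission = permissionManager.FindByName(contactPermissionName);
    if (contactPermission == null)
    {
        contactPermission = new ApplicationPermission(contactPermissionName);
        permissionManager.Create(contactPermission);
    }

    // UserAddToRole: admin -> Admin, guest -> Guest (skipped when already a member)
    IList<string> rolesForUser = userManager.GetRoles(adminUser.Id);
    if (!rolesForUser.Contains(adminRole.Name))
    {
        userManager.AddToRole(adminUser.Id, adminRole.Name);
    }

    rolesForUser = userManager.GetRoles(guestUser.Id);
    if (!rolesForUser.Contains(guestRole.Name))
    {
        userManager.AddToRole(guestUser.Id, guestRole.Name);
    }

    // PermissionAddToRole: both permissions are granted to the Admin role only;
    // the Guest role receives no permission here.
    IList<string> rolesForPermission = permissionManager.GetRolesById(aboutPermission.Id);
    if (!rolesForPermission.Contains(adminRole.Name))
    {
        permissionManager.AddToRole(aboutPermission.Id, adminRole.Name);
    }

    rolesForPermission = permissionManager.GetRolesById(contactPermission.Id);
    if (!rolesForPermission.Contains(adminRole.Name))
    {
        permissionManager.AddToRole(contactPermission.Id, adminRole.Name);
    }
}

/// <summary>
/// Returns the user with the given name, creating it (user name doubles as e-mail
/// address) when it does not exist yet.
/// </summary>
private static ApplicationUser EnsureSeedUser(ApplicationUserManager userManager, string userName, string password)
{
    var user = userManager.FindByName(userName);
    if (user != null)
    {
        return user;
    }

    user = new ApplicationUser { UserName = userName, Email = userName };

    // The creation result used to be ignored; a rejected password or a duplicate
    // e-mail would then only surface later as an unrelated failure.
    var created = userManager.Create(user, password);
    if (!created.Succeeded)
    {
        throw new InvalidOperationException(
            "Could not create default user '" + userName + "': " + string.Join("; ", created.Errors));
    }

    // NOTE(review): lockout is switched off for the seeded accounts, so failed
    // sign-ins against them are never throttled. Confirm this exemption is intended,
    // in particular for the administrator account.
    userManager.SetLockoutEnabled(user.Id, false);

    return user;
}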
/// <summary>
/// Factory that builds an <see cref="ApplicationRoleManager"/> over the given database context.
/// </summary>
/// <param name="context">Database context handed to the manager's constructor; it is not validated here.</param>
/// <returns>A newly constructed role manager.</returns>
public static ApplicationRoleManager Create(ApplicationDbContext context)
{
    var roleManager = new ApplicationRoleManager(context);
    return roleManager;
}
/// <summary>
/// Factory that builds an <see cref="ApplicationPermissionManager"/> over the given database context.
/// </summary>
/// <param name="context">Database context handed to the manager's constructor; it is not validated here.</param>
/// <returns>A newly constructed permission manager.</returns>
public static ApplicationPermissionManager Create(ApplicationDbContext context)
{
    var permissionManager = new ApplicationPermissionManager(context);
    return permissionManager;
}
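/// <summary>
/// Builds an <see cref="ApplicationUserManager"/> and configures its user-name and
/// password validation, lockout defaults, two-factor providers, messaging services
/// and (optionally) the user token provider.
/// </summary>
/// <param name="context">Database context passed to the manager's constructor.</param>
/// <param name="dataProtectionProvider">
/// Optional data protection provider. When it is null, <c>UserTokenProvider</c> is
/// left unset.
/// </param>
/// <returns>The configured user manager.</returns>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
public static ApplicationUserManager Create(ApplicationDbContext context, IDataProtectionProvider dataProtectionProvider = null)
{
    #region Contracts

    if (context == null) throw new ArgumentNullException("context");

    #endregion

    // Create the user manager.
    var userManager = new ApplicationUserManager(context);

    // Validation rules for user names: non-alphanumeric names are accepted and
    // every e-mail address must be unique.
    userManager.UserValidator = new UserValidator<ApplicationUser>(userManager)
    {
        AllowOnlyAlphanumericUserNames = false,
        RequireUniqueEmail = true
    };

    // Validation rules for passwords.
    // NOTE(review): a five-character minimum with no character-class requirement is
    // weaker than current guidance (NIST SP 800-63B asks for at least eight
    // characters). Raising it changes which passwords are accepted when an account
    // is created, including any created by seeding code - confirm before tightening.
    userManager.PasswordValidator = new PasswordValidator
    {
        RequiredLength = 5,              // minimum length
        RequireNonLetterOrDigit = false, // require a character that is neither letter nor digit
        RequireDigit = false,            // require a digit
        RequireLowercase = false,        // require a lowercase letter
        RequireUppercase = false,        // require an uppercase letter
    };

    // Lockout defaults: enabled for new users, five failed attempts lock the
    // account for five minutes.
    userManager.UserLockoutEnabledByDefault = true;
    userManager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
    userManager.MaxFailedAccessAttemptsBeforeLockout = 5;

    // Register the two-factor authentication providers. This application delivers
    // verification codes by phone and by e-mail; a custom provider can be written
    // and plugged in here.
    userManager.RegisterTwoFactorProvider("電話代碼", new PhoneNumberTokenProvider<ApplicationUser>
    {
        MessageFormat = "您的安全碼為 {0}"
    });
    userManager.RegisterTwoFactorProvider("電子郵件代碼", new EmailTokenProvider<ApplicationUser>
    {
        Subject = "安全碼",
        BodyFormat = "您的安全碼為 {0}"
    });
    userManager.EmailService = new EmailService();
    userManager.SmsService = new SmsService();

    // The token provider is only configured when a data protection provider was
    // supplied by the caller.
    if (dataProtectionProvider != null)
    {
        userManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser>(dataProtectionProvider.Create("ASP.NET Identity"));
    }

    // Return the configured manager.
    return userManager;
}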