gpt4 book ai didi

asp.net-core - 从 ASP.NET 成员身份切换到 ASP.NET Core 身份时维护密码

转载 作者:行者123 更新时间:2023-12-05 04:03:15 24 4
gpt4 key购买 nike

我的公司计划将我们的应用程序从 .NET Framework 升级到 .NET Core,并作为升级的一部分从 ASP.NET Membership 升级到 ASP.NET Core Identity 服务器。我在这 here 上找到了一篇有用的文章.

然而,有一个具有重大意义的子注释:

After completion of this script, the ASP.NET Core Identity app created earlier is populated with Membership users. Users need to change their passwords before logging in.

作为此次迁移的一部分,我们不能要求 600,000 名用户更改密码。但是,成员(member)密码是单向散列的,因此我们无法检索它们然后再迁移它们。所以我想知道我们将如何使用新的 Identity Server 方法维护现有用户的密码。

最佳答案

我最近才这样做。

我们有一个遗留的 .net 成员(member)系统,需要将大约 10,000 名用户导入到 asp.net 身份。当我从系统中复制所有用户时,我首先在 asp .net 身份核心用户表中创建了一个额外的列,我带着他们的旧密码。

然后是用户第一次登录的时候。我首先检查旧密码是否存在,如果存在,然后我验证了它们并更新了 asp 上的密码。 net identity core 并删除了旧密码。这样,所有用户都在不知不觉中将密码移植到了新系统。

我将尝试解释我是如何做到的,但代码有点疯狂。

我实际上在 applicationuser 表中添加了两列

public string LegacyPasswordHash { get; set; }
public string LegacyPasswordSalt { get; set; }

ApplicationSignInManager -> CheckPasswordSignInAsync 方法检查用户是否是旧用户

ApplicationSignInManager

public override async Task<SignInResult> CheckPasswordSignInAsync(ApplicationUser user, string password, bool lockoutOnFailure)
{
........

if (user.IsLegacy)
{
Logger.LogDebug(LoggingEvents.ApplicationSignInManagerCheckPasswordSignInAsync, "[user.Id: {user.Id}] is legacy.", user.Id);
var results = await new LoginCommand(_logger, _userManager, user, password, lockoutOnFailure).Execute();
if (results.Succeeded)
{
await ResetLockout(user);
return SignInResult.Success;
}
}
else if (await UserManager.CheckPasswordAsync(user, password))
{
await ResetLockout(user);
return SignInResult.Success;
}

........
}

登录命令

 public class LoginCommand
{
private readonly ILogger _logger;
private readonly UserManager<ApplicationUser> _userManager;
private readonly ApplicationUser _user;
private readonly string _password;
private readonly bool _shouldLockout;

public LoginCommand(ILogger logger, UserManager<ApplicationUser> userManager, ApplicationUser user, string password, bool shouldLockout)
{
_logger = logger;
_userManager = userManager;
_user = user;
_password = password;
_shouldLockout = shouldLockout;
}

public async Task<SignInResult> Execute()
{
_logger.LogInformation($"Found User: {_user.UserName}");
if (_user.IsLegacy)
return await new LegacyUserCommand(_logger, _userManager, _user, _password, _shouldLockout).Execute();
if (await _userManager.CheckPasswordAsync(_user, _password))
return await new CheckTwoFactorCommand(_logger, _userManager, _user).Execute();
if (_shouldLockout)
{
return await new CheckLockoutCommand(_logger, _userManager, _user).Execute();
}
_logger.LogDebug($"Login failed for user {_user.Email} invalid password");
return SignInResult.Failed;
}
}

LegacyUserCommand

  public class LegacyUserCommand
{
private readonly ILogger _logger;
private readonly UserManager<ApplicationUser> _userManager;

private readonly ApplicationUser _user;
private readonly string _password;
private bool _shouldLockout;

public LegacyUserCommand(ILogger logger, UserManager<ApplicationUser> userManager, ApplicationUser user, string password, bool shouldLockout)
{
_logger = logger;
_userManager = userManager;
_user = user;
_password = password;
_shouldLockout = shouldLockout;
}

public async Task<SignInResult> Execute()
{
try
{
if (_password.EncodePassword(_user.LegacyPasswordSalt) == _user.LegacyPasswordHash)
{
_logger.LogInformation(LoggingEvents.LegacyUserCommand, "Legacy User {_user.Id} migrating password.", _user.Id);
await _userManager.AddPasswordAsync(_user, _password);
_user.SecurityStamp = Guid.NewGuid().ToString();
_user.LegacyPasswordHash = null;
_user.LegacyPasswordSalt = null;
await _userManager.UpdateAsync(_user);
return await new CheckTwoFactorCommand(_logger, _userManager, _user).Execute();
}
if (_shouldLockout)
{
_user.SecurityStamp = Guid.NewGuid().ToString();
await _userManager.UpdateAsync(_user);
_logger.LogInformation(LoggingEvents.LegacyUserCommand, "Login failed for Legacy user {_user.Id} invalid password. (LockoutEnabled)", _user.Id);
await _userManager.AccessFailedAsync(_user);
if (await _userManager.IsLockedOutAsync(_user))
return SignInResult.LockedOut;
}

_logger.LogInformation(LoggingEvents.LegacyUserCommand, "Login failed for Legacy user {_user.Id} invalid password", _user.Id);
return SignInResult.Failed;
}
catch (Exception e)
{
_logger.LogError(LoggingEvents.LegacyUserCommand, "LegacyUserCommand Failed for [_user.Id: {_user.Id}] [Error Message: {e.Message}]", _user.Id, e.Message);
_logger.LogTrace(LoggingEvents.LegacyUserCommand, "LegacyUserCommand Failed for [_user.Id: {_user.Id}] [Error: {e}]", _user.Id, e);
return SignInResult.Failed;
}
}
}

重要提示:[SecurityStamp] 不能为 NULL!

关于asp.net-core - 从 ASP.NET 成员身份切换到 ASP.NET Core 身份时维护密码,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53659929/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com