Login/Register
asp.net core mvc password validators
Asked Answered
Solved c#asp.netvalidationasp.net-core-mvcuser-accounts
D

3

9

What is the easy way to customize password validation rules in asp.net core MVC? The problem is exactly like someone had here How To Change Password Validation in ASP.Net MVC Identity 2? the only difference is that I'm using asp.net CORE MVC (latest build) with Visual Studio 2015. I'd like to remove all password validation rules. There is no ApplicationUserManager class in the project, also I'm not sure if it's possible to customize UserManager validation rules in the Startup.cs file.

Downpour answered 3/7, 2016 at 16:53 Comment(0)
T
9

If you want simply disable some password restrictions (RequireLowercase, RequiredLength etc) - configure IdentityOptions.Password in Startup, like this:

services.Configure<IdentityOptions>(o =>
{
    o.Password.RequiredLength = 12;
});

If you want completely change password validation logic - implement IPasswordValidator and register it in Startup.

Tannen answered 4/7, 2016 at 9:49 Comment(0)
B
14
public void ConfigureServices(IServiceCollection services)
{
     services.AddIdentity<ApplicationUser, IdentityRole>(options =>
            {
                options.Password.RequireDigit = true;
                options.Password.RequireLowercase = true;
                options.Password.RequireNonAlphanumeric = true;
                options.Password.RequireUppercase = true;
                options.Password.RequiredLength = 6;
                options.User.AllowedUserNameCharacters = null;
            })
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();
}

Note: You should also change your new settings in RegisterViewModel.Password, ResetPasswordViewModel.Password, ChangePasswordViewModel.NewPassword and SetPasswordViewModel.NewPassword. to enable the new validation on front end.

Bylaw answered 4/7, 2016 at 10:17 Comment(0)
T
9

If you want simply disable some password restrictions (RequireLowercase, RequiredLength etc) - configure IdentityOptions.Password in Startup, like this:

services.Configure<IdentityOptions>(o =>
{
    o.Password.RequiredLength = 12;
});

If you want completely change password validation logic - implement IPasswordValidator and register it in Startup.

Tannen answered 4/7, 2016 at 9:49 Comment(0)
Y
2

Also you can use a public class to customize your errors messages. Like this:

public class CustomIdentityErrorDescriber : IdentityErrorDescriber
{
    public override IdentityError PasswordRequiresDigit()
    {
        return new IdentityError
        {
            Code = nameof(PasswordRequiresDigit),
            Description = "Your personal describe error message here."
        };
    }

}

In your Statup.cs, in ConfigureService add:

public void ConfigureServices(IServiceCollection services)
{
    services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<IdentityContext>()
            .AddErrorDescriber<CustomIdentityErrorDescriber>()
            .AddDefaultTokenProviders();

     //...
}
Yearn answered 2/12, 2018 at 16:2 Comment(1)
Even though the question was about password validation and not messages, this is still useful. And to anyone who will be using this, you only need a single class and inside override every error describer you want to customize, a single .AddErrorDescriber<ClassName>() as wellBlench

© 2022 - 2025 — McMap. All rights reserved.