问题描述
我已经使用ASP.NET Identity实现了Identity Server 4.我问了一个有关如何应用某些登录规则的较早的问题,并收到一个答案,解释了如何在Startup.cs
中添加一些选项.这是我添加到ConfigureServices
方法中的内容:
I've an implementation of Identity Server 4 with ASP.NET Identity. I asked an earlier question about how I would apply certain login rules and received an answer explaining how I could add some options in Startup.cs
. Here's what I added to the ConfigureServices
method:
services.AddIdentity<ApplicationUser, IdentityRole>(options =>
{
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(15);
options.Lockout.MaxFailedAccessAttempts = 5;
options.Password.RequiredLength = 9;
options.Password.RequireDigit = true;
options.Password.RequireLowercase = true;
options.Password.RequireUppercase = true;
options.Password.RequireNonAlphanumeric = false;
options.SignIn.RequireConfirmedEmail = true;
})
.AddEntityFrameworkStores<ApplicationDbContext>()
.AddDefaultTokenProviders();
密码规则似乎有效,但是锁定规则无效.我需要启用什么功能吗?
The password rules seem to work, but the lockout rules have no effect. Is there something I need to enable?
推荐答案
不确定我是如何错过的.锁定功能是SignInManager
上PasswordSignInAsync
方法中登录过程的一部分.我需要更改的代码行是AccountController
中Login
方法的一部分:
Not sure how I missed this. The lockout feature happens as part of the sign-in process in the PasswordSignInAsync
method on the SignInManager
. The line of code I needed to change is part of the Login
method in the AccountController
:
SignInManager.PasswordSignInAsync(
model.Email,
model.Password,
model.RememberLogin,
lockoutOnFailure: true); // <- HERE
这篇关于ASP.NET Core身份设置不起作用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!