Migrating an Existing Website from SQL Membership to ASP.NET Identity

public class User : IdentityUser
        {
        public User()
        {
            CreateDate = DateTime.Now;
            IsApproved = false;
            LastLoginDate = DateTime.Now;
            LastActivityDate = DateTime.Now;
            LastPasswordChangedDate = DateTime.Now;
            LastLockoutDate = DateTime.Parse("1/1/1754");
            FailedPasswordAnswerAttemptWindowStart = DateTime.Parse("1/1/1754");
            FailedPasswordAttemptWindowStart = DateTime.Parse("1/1/1754");
        }

        public System.Guid ApplicationId { get; set; }
        public string MobileAlias { get; set; }
        public bool IsAnonymous { get; set; }
        public System.DateTime LastActivityDate { get; set; }
        public string MobilePIN { get; set; }
        public string LoweredEmail { get; set; }
        public string LoweredUserName { get; set; }
        public string PasswordQuestion { get; set; }
        public string PasswordAnswer { get; set; }
        public bool IsApproved { get; set; }
        public bool IsLockedOut { get; set; }
        public System.DateTime CreateDate { get; set; }
        public System.DateTime LastLoginDate { get; set; }
        public System.DateTime LastPasswordChangedDate { get; set; }
        public System.DateTime LastLockoutDate { get; set; }
        public int FailedPasswordAttemptCount { get; set; }
        public System.DateTime FailedPasswordAttemptWindowStart { get; set; }
        public int FailedPasswordAnswerAttemptCount { get; set; }
        public System.DateTime FailedPasswordAnswerAttemptWindowStart { get; set; }
        public string Comment { get; set; }

    }
      public class SQLPasswordHasher : PasswordHasher
      {
        public override string HashPassword(string password)
        {
            return base.HashPassword(password);
        }

public override PasswordVerificationResult VerifyHashedPassword(string  hashedPassword, string providedPassword)
        {
            string[] passwordProperties = hashedPassword.Split(‘|‘);
            if (passwordProperties.Length != 3)
            {
                return base.VerifyHashedPassword(hashedPassword, providedPassword);
            }
            else
            {
                string passwordHash = passwordProperties[0];
                int passwordformat = 1;
                string salt = passwordProperties[2];
                if (String.Equals(EncryptPassword(providedPassword, passwordformat, salt), passwordHash, StringComparison.CurrentCultureIgnoreCase))
                {
                    return PasswordVerificationResult.SuccessRehashNeeded;
                }
                else
                {
                    return PasswordVerificationResult.Failed;
                }
            }
        }

//This is copied from the existing SQL providers and is provided only for back-compat.
        private string EncryptPassword(string pass, int passwordFormat, string salt)
        {
            if (passwordFormat == 0) // MembershipPasswordFormat.Clear
                return pass;

            byte[] bIn = Encoding.Unicode.GetBytes(pass);
            byte[] bSalt = Convert.FromBase64String(salt);
            byte[] bRet = null;

            if (passwordFormat == 1)
            { // MembershipPasswordFormat.Hashed
                HashAlgorithm hm = HashAlgorithm.Create("SHA1");
                if (hm is KeyedHashAlgorithm)
                {
                    KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;
                    if (kha.Key.Length == bSalt.Length)
                    {
                        kha.Key = bSalt;
                    }
                    else if (kha.Key.Length < bSalt.Length)
                    {
                        byte[] bKey = new byte[kha.Key.Length];
                        Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);
                        kha.Key = bKey;
                    }
                    else
                    {
                        byte[] bKey = new byte[kha.Key.Length];
                        for (int iter = 0; iter < bKey.Length; )
                        {
                            int len = Math.Min(bSalt.Length, bKey.Length - iter);
                            Buffer.BlockCopy(bSalt, 0, bKey, iter, len);
                            iter += len;
                        }
                        kha.Key = bKey;
                    }
                    bRet = kha.ComputeHash(bIn);
                }
                else
                {
                    byte[] bAll = new byte[bSalt.Length + bIn.Length];
                    Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
                    Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
                    bRet = hm.ComputeHash(bAll);
                }
            }

            return Convert.ToBase64String(bRet);
        }
public UserManager()
            : base(new UserStore<User>(new ApplicationDbContext()))
        {
            this.PasswordHasher = new SQLPasswordHasher();
 }
private Guid GetApplicationID()
        {
            using (SqlConnection connection = new SqlConnection(ConfigurationManager.ConnectionStrings["ApplicationServices"].ConnectionString))
            {
                string queryString = "SELECT ApplicationId from aspnet_Applications WHERE ApplicationName = ‘/‘"; //Set application name as in database

                SqlCommand command = new SqlCommand(queryString, connection);
                command.Connection.Open();

                var reader = command.ExecuteReader();
                while (reader.Read())
                {
                    return reader.GetGuid(0);
                }

                return Guid.NewGuid();
            }
        }
var currentApplicationId = GetApplicationID();

User user = new User() { UserName = Username.Text,
ApplicationId=currentApplicationId, …};
时间: 2024-08-27 19:39:25

Migrating an Existing Website from SQL Membership to ASP.NET Identity的相关文章

全新的membership框架Asp.net Identity(1)——.Net membership的历史

在Asp.net上,微软的membershop框架经历了Asp.net membership到Asp.net simple membership,再到现在的Asp.net Identity. 每一次改变,都使得验证框架更加的适应变化和可定制.这篇文章是Asp.net Identity系列的开篇,主要就membership的历史以及Asp.net Identity中的中的一些新的特性和设计思想分享一下自己的理解.后续将会对Asp.net Identity的实际使用以及实现方式等进行进一步展开. 一

全新的membership框架Asp.net Identity

在Asp.net上,微软的membershop框架经历了Asp.net membership到Asp.net simple membership,再到现在的Asp.net Identity. 每一次改变,都使得验证框架更加的适应变化和可定制.这篇文章是Asp.net Identity系列的开篇,主要就membership的历史以及Asp.net Identity中的中的一些新的特性和设计思想分享一下自己的理解.后续将会对Asp.net Identity的实际使用以及实现方式等进行进一步展开. 一

全新的membership框架Asp.net Identity(2)——绕不过的Claims

本来想直接就开始介绍Identity的部分,奈何自己挖坑太深,高举高打的方法不行.只能自己默默下载了Katana的源代码研究了好一段时间.发现要想能够理解好用好Identity, Claims是一个绕不过的内容.今天就和大家一起分享一下什么是Claims以及为什么Identity要基于Claims. 阅读目录: 一. 什么是Claims以及基于Claims的identity验证 二. 使用基于Claims的Identity验证的优势 三. Claims是如何应用在Asp.net中? 四,一些更深

Adding ASP.NET Identity to an Empty or Existing Web Forms Project

By Raquel Soares De Almeida|October 23, 2013 This tutorial shows you how to add ASP.NET Identity (the new membership system for ASP.NET) to an ASP.NET application. When you create a new Web Forms or MVC project in Visual Studio 2013 RTM with Individu

采用Opserver来监控你的ASP.NET项目系列(二、监控SQL Server与Asp.Net项目)

前言 之前有过2篇关于如何监控ASP.NET core项目的文章,有兴趣的也可以看看. 今天我们主要来介绍一下,如何使用Opserver监控我们的SQL Server 和ASP.NET项目的异常监控 监控效果如下: SQL Server的: ASP.NET异常情况的监控: 监控SQL Server 首先我们来讲解一下如何监控我们的SQL Server. 上篇内容我们已经提到过 Opeserver的项目有很多的配置文件. 我们找到我们的SQLSettings.example.json文件,改名为S

实验十一:sql注入之asp+access案例

仅供学习参考,2013.5.8日学习整理记录 潜江水产案例(sql注入之asp+access)实验目的通过注入漏洞上传config.asp实验过程如下所示:实验前提:在服务器上要搭建好IIS开始实验把已经编好的web通过共享的方式上传到服务器上,然后解压这个潜江水产的数据包文件,然后把这个数据包导入到c:\inetpub\wwwroot下面,接着通过命令行inetmgr打开搭建好的默认网站,然后在默认网站中的主目录下面指定潜江水产的路径,然后在配置中的设置中启用父路径,在指引中添加index.a

Migrating Oracle on UNIX to SQL Server on Windows

Appendices Published: April 27, 2005 On This Page Appendix A: SQL Server for Oracle Professionals Appendix B: Getting the Best Out of SQL Server 2000 and Windows Appendix C: Baselining Appendix D: Installing Common Drivers and Applications Installing

MVC的Membership

Membership三步曲之入门篇 - Membership 基础示例 Membership三步曲之进阶篇 - 深入剖析Provider Model Membership三步曲之高级篇 - 从Membership到 ASP.NET Identity OSharp框架

初识Identity

摘要 通过本文你将了解ASP.NET身份验证机制,表单认证的基本流程,ASP.NET Membership的一些弊端以及ASP.NET Identity的主要优势. 文件夹 身份验证(Authentication)和授权(Authorization) ASP.NET身份验证方式 理解表单验证流程 认识ASP.NET Membership 拥抱ASP.NET Identity ASP.NET Identity主要组成部分 总结 身份验证(Authentication)和授权(Authorizati