In my ASP.NET applications I have following settings in DefaultMembershipProvider and SqlMembershipProvider in web.config:
enablePasswordRetrieval="true" passwordFormat="Clear" requiresQuestionAndAnswer="false"
They are required for Digest authentication. I would like to move to ASP.NET Identity. I am using automated tool to update all web.config files that I manage.
How do I set these settings for ASP.NET Identity in the project generated by Visual Studio 2013?
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
You need to provide IPasswordHasher implementation that can provide clear password without hashing. You can set UserManager.PasswordHasher to your implementation.
As of now, there is no web.config configurable settings for Identity. You need to provide appropriate mix of configurable in code, mainly in Startup.cs
It is not recommended to store passwords in clear format.
public class ClearPassword : IPasswordHasher
{
public string HashPassword(string password)
{
return password;
}
public PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
{
if(hashedPassword.Equals(providedPassword))
return PasswordVerificationResult.Success;
else return PasswordVerificationResult.Failed;
}
}
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0