Configure Microsoft.AspNet.Identity to allow email address as username

I’m in the process of creating a new application and started out using EF6-rc1, Microsoft.AspNet.Identity.Core 1.0.0-rc1, Microsoft.AspNet.Identity.EntityFramework 1.0.0-rc1, Microsoft.AspNet.Identity.Owin 1.0.0-rc1, etc and with the RTM releases yesterday, I updated them via NuGet this evening to RTM.

Apart from a couple of code changes to the work I’d done so far, all seemed to be going well, until I tried to create a local user account for the app.

I had been working on e-mail addresses being the username format which with the release candidate worked great, but now when creating a user with an email address for a username, it throws up the following validation error:

User name [email protected] is invalid, can only contain letters or digits.

I’ve spent the last hour or so searching for a solution or documentation on configuration options for it, but to no avail.

Is there a way I can configure it to allow e-mail addresses for usernames?

Answers:

Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.

Method 1

You can allow this by plugging in your own UserValidator on the UserManager, or just by turning it off on the default implementation:

UserManager.UserValidator = new UserValidator<TUser>(UserManager) { AllowOnlyAlphanumericUserNames = false }

Method 2

The C# version of this (in App_CodeIdentityModels.cs) is

public UserManager()
        : base(new UserStore<ApplicationUser>(new ApplicationDbContext()))
    {
        UserValidator = new UserValidator<ApplicationUser>(this) { AllowOnlyAlphanumericUserNames = false };
    }

Method 3

In my case, running in VS 2013 C#, MVC 5.2.2, using ASP.NET Identity 2.0, the solution was to update the ApplicationUserManager constructor inside App_StartIdentityConfig.cs like so:

public ApplicationUserManager(IUserStore<ApplicationUser> store)
        : base(store)
    {
        this.UserValidator = new UserValidator<ApplicationUser>(this) { AllowOnlyAlphanumericUserNames = false };
    }

Method 4

I had the same problem, when I tried to change the code for make the UserName was the real name of the person and not the email the system show me the same error message “User name ABC DEF is invalid, can only contain letters or digits.” I solved the problem adding the space character (In my case at the end) to AllowedUserNameCharacters.

Im using Asp.Net Core 2.2 and VS2017

This is my code

Go to Startup.cs and edit or add the line under “//user settings”:

        services.AddDbContext<ApplicationDbContext>(options =>
            options.UseMySql(Configuration.GetConnectionString("DefaultConnection")));

        services.AddIdentity<ApplicationUser, ApplicationRole>()
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();

        services.Configure<IdentityOptions>(options =>
        {
            // Password settings.
            options.Password.RequireDigit = true;
            options.Password.RequireLowercase = true;
            options.Password.RequireNonAlphanumeric = true;
            options.Password.RequireUppercase = true;
            options.Password.RequiredLength = 6;
            options.Password.RequiredUniqueChars = 1;

            // Lockout settings.
            options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
            options.Lockout.MaxFailedAccessAttempts = 5;
            options.Lockout.AllowedForNewUsers = true;


            // User settings.
            options.User.AllowedUserNameCharacters =
                "ab<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="b6d5d2d3d0d1dedfdcdddadbd8d9c6c7c4c5c2c3c0c1cecfccf7f4f5f2f3f0f1fefffcfdfafbf8f9e6e7e4e5e2e3e0e1eeefec86878485828380818e8f9b98e9f6">[email protected]</a>+ ";
            options.User.RequireUniqueEmail = false;
        });

        services.ConfigureApplicationCookie(options =>

Method 5

For people on AspNet.Identity.Core 2.1 and up, these validators in the UserManager are readonly. Email addresses as usernames are allowed by default but if you need further customisation of the characters in your usernames, you can do so in Startup.cs like this:

public void ConfigureServices(IServiceCollection services)
{
    services.AddIdentity<ApplicationUser, IdentityRole>(options => {
        options.User.AllowedUserNameCharacters = "ab<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="5635323330313e3f3c3d3a3b383926272425222320212e2f2c171415121310111e1f1c1d1a1b181906070405020300010e0f0c66676465626360616e6f7b780916">[email protected]</a>+/";
    });

    // ... etc
}

(I needed a ‘/’ for legacy reasons.)

Method 6

If you are using ASP.Net webforms and are trying to accomplish this, simply open up your IdentityModels.vb/cs file and under Public Class UserManager, have it look as so:

Public Class UserManager
Inherits UserManager(Of ApplicationUser)

Public Sub New()
    MyBase.New(New UserStore(Of ApplicationUser)(New ApplicationDbContext()))
    Users = store
    UserValidator = New UserValidator(Of ApplicationUser)(Me) With {.AllowOnlyAlphanumericUserNames = False}
End Sub

Public Property Users() As IUserStore(Of ApplicationUser)
    Get
        Return m_Users
    End Get
    Private Set(value As IUserStore(Of ApplicationUser))
        m_Users = value
    End Set
End Property
Private m_Users As IUserStore(Of ApplicationUser)

End Class

Method 7

Since coding my own ApplicationUserManager : UserManager class didn’t work for me (maybe bc I use Razor Pages, not MVC), here’s another solution: In Startup.cs in CofigureServices() you can configure Identity Options, for example:

services.Configure<IdentityOptions>(options =>
{
  options.User.AllowedUserNameCharacters = 
  "<a href="https://getridbug.com/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="117073727574777679787b7a7d7c7f7e616063626564676669686b5053525554575659585b5a5d5c5f5e414043424544474649484b51">[email protected]</a>";
  options.User.RequireUniqueEmail = true;
});

More on this topic in Microsoft docs: https://docs.microsoft.com/de-de/aspnet/core/security/authentication/identity-configuration?view=aspnetcore-2.2

Method 8

If you cannot find IdentityConfig.cs then replace your AccountController constructor with this code.

public AccountController(UserManager<ApplicationUser> userManager)
{
UserManager = userManager;
UserManager.UserValidator = new UserValidator<ApplicationUser>(UserManager) 
  {
      AllowOnlyAlphanumericUserNames = false  
  };
}

Method 9

In my case i had a repository class working with authentication, that didn’t let me use a “-” inside usernames.. The fix was inside the constructor here:

//-------------------------------------------------------
public AuthRepository()
//-------------------------------------------------------
{
    _ctx = new AuthContext();
    _userManager = new UserManager<IdentityUser>(new UserStore<IdentityUser>(_ctx));
    _userManager.UserValidator = new UserValidator<IdentityUser>(_userManager)
    {
        AllowOnlyAlphanumericUserNames = false
    };
}

Method 10

I was also stuck with this because most of the time usernames are E-mails these days, I can understand the reasoning of a separate E-mail field though. These are purely my thoughts / experience as I also could not find Microsoft’s say on this.

Remember, Asp Identity is purely to identify someone, you don’t have to have an E-mail to be identified but they allow us to store it because it forms part of an identity. When you create a new web project in visual studio, you are given the option for authentication options.

If you select a non empty project type such as MVC and set authentication to “Individual accounts” then you are given the basic underpinnings for user management. One of which includes a sub class looking like this within App_StartIdentityConfig.cs:

 // Configure the application user manager used in this application. UserManager is defined in ASP.NET Identity and is used by the application.
public class ApplicationUserManager : UserManager<ApplicationUser>
{
    public ApplicationUserManager(IUserStore<ApplicationUser> store)
        : base(store)
    {
    }

    public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context) 
    {
        var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
        // Configure validation logic for usernames
        manager.UserValidator = new UserValidator<ApplicationUser>(manager)
        {
            AllowOnlyAlphanumericUserNames = false,
            RequireUniqueEmail = true
        };
    }
    //N.B rest of code removed
}

What this tells us is that Microsoft intend us to store more complex usernames (refer to AllowOnlyAlphaNumericUserNames = false), so really we have mixed signals.

The fact this is generated from a default web project gives us a good indication / direction from Microsoft (and a clean way) to enable us to enter E-mails for the username field. It’s clean because the static create method is used within the App_StartStartup.Auth.cs when bootstrapping the application with the Microsoft.OWIN context.

The only down side to this approach is you end up storing the E-mail twice…. Which is not good!

Method 11

As you will have probably found out (and was to be expected), ASP.NET Identity 2.0.0, released March 2014, adds this functionality in the framework.

Announcement: http://blogs.msdn.com/b/webdev/archive/2014/03/20/test-announcing-rtm-of-asp-net-identity-2-0-0.aspx

Full example and tutorial, including account confirmation: http://www.asp.net/identity/overview/features-api/account-confirmation-and-password-recovery-with-aspnet-identity

Method 12

If you are using IOC of some sort ( I am using StructureMap) in your account controller, you will need to apply the fix mentioned above by Hao Kung when the Usermanager is passed in:
(I had to). There may be a way to do it in the IOC setup, but I don’t know how.

public AccountController(ApplicationUserManager userManager)
    {
        _userManager = userManager;
        _userManager.UserValidator = new UserValidator<ApplicationUser>(_userManager)
        {
            AllowOnlyAlphanumericUserNames = false,
            RequireUniqueEmail = true
        };

Method 13

I have faced the same problem . but finally I resolved the issue by adding bellow part in to my method , not the constructor .

public void MyMethod(){

     UserManager<ApplicationUser> manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext()));


                    // Configure validation logic for usernames  
                    manager.UserValidator = new UserValidator<ApplicationUser>(manager)
                    {
                        AllowOnlyAlphanumericUserNames = false,
                        RequireUniqueEmail = true

                    };         

}


All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0

0 0 votes
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x