目录
在新的ASP.NET Core 2.2 Razor页面模板中搭建和修改Identity
介绍
ASP.NET Core 2.2 Web应用程序2部分中的第1部分,用于更新已确认的电子邮件。以下是搭建和修改Identity以在登录前要求确认电子邮件的步骤。
使用代码
先决条件
- .NET Core 2.2 SDK
- 以下VS中的一个:
- Visual Studio版本2017年15.9或更高版本
- Visual Studio for Mac 7.7或更高版本
- Visual Studio Code C#扩展版本1.17.1或更高版本
您可以下载VS 2017项目或按照以下步骤修改您自己的项目。
第1步——创建Web应用程序
创建一个新的VS 2017项目。
创建新的ASP.NET Core Web应用程序并将身份验证更改为单个用户帐户。
单击确定。
第2步——初始化数据库
该项目使用SQL Server Express。(您也可要选择自己电脑上安装的数据库)
编辑appsettings.json > ConnectionStrings> DefaultConnection设置数据库。
从VS 2017中的程序包管理器控制台运行命令“Update-Database”。
第3步——搭建Identity
右键单击项目名称>添加>新建构建项。
在左侧菜单中选择Identity。
单击添加。
选中覆盖所有文件并选择ApplicationDbContext。
单击添加。
第4步——替换默认的EmailSender
编辑appsettings.json,使用您的电子邮件服务器设置添加EmailSettings:
"EmailSettings": {
"MailServer": "smtp.some_server.com",
"MailPort": 587,
"SenderName": "some name",
"Sender": "some_email@some_server.com",
"Password": "some_password"
}
将名为Entities的新文件夹添加到项目中。
在Entities中添加新命名的类EmailSettings:
public class EmailSettings
{
public string MailServer { get; set; }
public int MailPort { get; set; }
public string SenderName { get; set; }
public string Sender { get; set; }
public string Password { get; set; }
}
将名为Services的新文件夹添加到项目中。
在Services中添加命名的新类EmailSender:
public interface IEmailSender
{
Task SendEmailAsync(string email, string subject, string htmlMessage);
}
public class EmailSender : IEmailSender
{
private readonly EmailSettings _emailSettings;
public EmailSender(IOptions<emailsettings> emailSettings)
{
_emailSettings = emailSettings.Value;
}
public Task SendEmailAsync(string email, string subject, string message)
{
try
{
// Credentials
var credentials = new NetworkCredential(_emailSettings.Sender, _emailSettings.Password);
// Mail message
var mail = new MailMessage()
{
From = new MailAddress(_emailSettings.Sender, _emailSettings.SenderName),
Subject = subject,
Body = message,
IsBodyHtml = true
};
mail.To.Add(new MailAddress(email));
// Smtp client
var client = new SmtpClient()
{
Port = _emailSettings.MailPort,
DeliveryMethod = SmtpDeliveryMethod.Network,
UseDefaultCredentials = false,
Host = _emailSettings.MailServer,
EnableSsl = true,
Credentials = credentials
};
// Send it...
client.Send(mail);
}
catch (Exception ex)
{
// TODO: handle exception
throw new InvalidOperationException(ex.Message);
}
return Task.CompletedTask;
}
}
将名称空间添加到EmailSender.cs:
using Microsoft.Extensions.Options;
using <YourProjectName>.Entities;
using System.Net;
using System.Net.Mail;
编辑Startup.cs > ConfigureServices,添加EmailSettings选项:
services.AddOptions();
services.Configure<EmailSettings>(Configuration.GetSection("EmailSettings"));
添加到Startup.cs >ConfigureServices的底部:
services.AddSingleton<IEmailSender, EmailSender>();
将名称空间添加到Startup.cs:
using <YourProjectName>.Entities;
using <YourProjectName>.Services;
编辑Register.cshtml.cs,ForgotPassword.cshtml.cs和Manage|Index.cshtml.cs使用新EmailSender的namespace:
//using Microsoft.AspNetCore.Identity.UI.Services;
using <YourProjectName>.Services;
第5步——需要确认和唯一的电子邮件
使用AddIdentity<IdentityUser, IdentityRole>而不是AddDefaultIdentity<IdentityUser>编辑Startup.cs > ConfigureServices:
//services.AddDefaultIdentity<IdentityUser>()
services.AddIdentity<IdentityUser, IdentityRole>(config =>
{
config.SignIn.RequireConfirmedEmail = true;
config.User.RequireUniqueEmail = true;
})
.AddDefaultUI(UIFramework.Bootstrap4)
.AddEntityFrameworkStores<ApplicationDbContext>();
.AddDefaultTokenProviders();
services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2)
.AddRazorPagesOptions(options =>
{
options.AllowAreas = true;
options.Conventions.AuthorizeAreaFolder("Identity", "/Account/Manage");
options.Conventions.AuthorizeAreaPage("Identity", "/Account/Logout");
});
services.ConfigureApplicationCookie(options =>
{
options.LoginPath = $"/Identity/Account/Login";
options.LogoutPath = $"/Identity/Account/Logout";
options.AccessDeniedPath = $"/Identity/Account/AccessDenied";
});
在Areas\Identity\Pages\Account中添加命名为CheckEmail的razer页面:
然后:
编辑CheckEmail.cshtml:
@page
@model CheckEmailModel
@{
ViewData["Title"] = "Check email";
}
<h2>@ViewData["Title"]</h2>
<p>
Please check your inbox to confirm your account.
</p>
编辑CheckEmail.cshtml.cs,添加AllowAnonymous装饰:
[AllowAnonymous]
public class CheckEmailModel : PageModel
{
public void OnGet()
{
}
}
将命名空间添加到CheckEmail.cshtml.cs:
using Microsoft.AspNetCore.Authorization;
编辑Register.cshtml.cs > OnPostAsync:
//await _signInManager.SignInAsync(user, isPersistent: false);
//return LocalRedirect(returnUrl);
return RedirectToPage("./CheckEmail");
第6步——为UserName添加登录名
编辑Areas\Identity\Pages\Account\Register.cshtml.cs,将UserName属性添加到Inputmodel:
[Required]
[StringLength(100, ErrorMessage = "The {0} must be at least {2} and
at max {1} characters long.", MinimumLength = 6)]
[Display(Name = "Login Name")]
public string UserName { get; set; }
编辑Register.cshtml,添加UserName输入:
<div class="form-group">
<label asp-for="Input.UserName"></label>
<input asp-for="Input.UserName" class="form-control" />
<span asp-validation-for="Input.UserName" class="text-danger"></span>
</div<
编辑Register.cshtml.cs > OnPostAsync,在新的IdentityUser构造函数中使用Input.UserName:
var user = new IdentityUser { UserName = Input.UserName, Email = Input.Email };
编辑Login.cshtml.cs > InputModel,替换Email为UserName:
public class InputModel
{
[Required]
[Display(Name = "Login Name")]
public string UserName { get; set; }
[Required]
[DataType(DataType.Password)]
public string Password { get; set; }
[Display(Name = "Remember me?")]
public bool RememberMe { get; set; }
}
编辑Login.cshtml.cs > OnPostAsync,替换Input.Email为Input.UserName:
var result = await _signInManager.PasswordSignInAsync
(Input.UserName, Input.Password, Input.RememberMe, lockoutOnFailure: true);
编辑Login.cshtml,在asp-for上使用UserName更换Email:
<div class="form-group">
<label asp-for="Input.UserName"></label>
<input asp-for="Input.UserName" class="form-control" />
<span asp-validation-for="Input.UserName" class="text-danger"></span>
</div<
第7步——添加未确认的电子邮件页面
在Areas\Identity\Pages\Account中添加命名为UnconfirmedEmail的razer页面:
编辑UnconfirmedEmail.cshtml:
@page "{userId}"
@model UnconfirmedEmailModel
@{
ViewData["Title"] = "Confirm your email.";
}
<h2>@ViewData["Title"]</h2>
<h4>Enter your email.</h4>
<hr />
<div class="row">
<div class="col-md-4">
<form method="post">
<div asp-validation-summary="All" class="text-danger"></div>
<div class="form-group">
<label asp-for="Input.Email"></label>
<input asp-for="Input.Email" class="form-control" />
<span asp-validation-for="Input.Email" class="text-danger"></span>
</div>
<button type="submit" class="btn btn-primary">Submit</button>
</form>
</div>
</div>
@section Scripts {
<partial name="_ValidationScriptsPartial" />
}
编辑UnconfirmedEmail.cshtml.cs:
using <YourProjectName>.Services;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.Text.Encodings.Web;
using System.Threading.Tasks;
namespace <YourProjectName>.Areas.Identity.Pages.Account
{
[AllowAnonymous]
public class UnconfirmedEmailModel : PageModel
{
private readonly UserManager<IdentityUser> _userManager;
private readonly IEmailSender _emailSender;
public UnconfirmedEmailModel(UserManager<IdentityUser> userManager, IEmailSender emailSender)
{
_userManager = userManager;
_emailSender = emailSender;
}
[TempData]
public string UserId { get; set; }
[BindProperty(SupportsGet = true)]
public InputModel Input { get; set; }
public class InputModel
{
[Required]
[EmailAddress]
public string Email { get; set; }
}
public async Task OnGetAsync(string userId)
{
UserId = userId;
var user = await _userManager.FindByIdAsync(userId);
Input.Email = user.Email;
ModelState.Clear();
}
public async Task<IActionResult> OnPostAsync()
{
if (ModelState.IsValid)
{
var user = await _userManager.FindByIdAsync(UserId);
if (user == null)
{
// Don't reveal that the user does not exist
return RedirectToPage("./CheckEmail");
}
if (user.Email != Input.Email)
{
var errors = new List<IdentityError>();
if (_userManager.Options.User.RequireUniqueEmail)
{
var owner = await _userManager.FindByEmailAsync(Input.Email);
if (owner != null && !string.Equals
(await _userManager.GetUserIdAsync(owner),
await _userManager.GetUserIdAsync(user)))
{
ModelState.AddModelError(string.Empty,
new IdentityErrorDescriber().DuplicateEmail(Input.Email).Description);
return Page();
}
}
await _userManager.SetEmailAsync(user, Input.Email);
}
var result = await _userManager.UpdateSecurityStampAsync(user);
if (!result.Succeeded)
{
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
return Page();
}
}
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Page(
"/Account/ConfirmEmail",
pageHandler: null,
values: new { userId = user.Id, code = code },
protocol: Request.Scheme);
await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
$"Please confirm your account by
<a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
return RedirectToPage("./CheckEmail");
}
return Page();
}
}
}
第8步——修改登录
注入UserManager到Areas\Identity\Pages\Account\Login.cshtml.cs:
private readonly UserManager<IdentityUser> _userManager;
private readonly SignInManager<IdentityUser> _signInManager;
private readonly ILogger<LoginModel> _logger;
public LoginModel(
UserManager<IdentityUser> userManager,
SignInManager<IdentityUser> signInManager,
ILogger<LoginModel> logger)
{
_userManager = userManager;
_signInManager = signInManager;
_logger = logger;
}
向Login.cshtml.cs添加ShowResend和UserId属性:
public bool ShowResend { get; set; }
public string UserId { get; set; }
添加到Login.cshtml.cs > OnPostAsync,在result.IsLockedOut之后:
if (result.IsNotAllowed)
{
_logger.LogWarning("User email is not confirmed.");
ModelState.AddModelError(string.Empty, "Email is not confirmed.");
var user = await _userManager.FindByNameAsync(Input.UserName);
UserId = user.Id;
ShowResend = true;
return Page();
}
编辑Login.cshtml,在asp-validation-summary之后:
@{
if (Model.ShowResend)
{
<p>
<a asp-page="./UnconfirmedEmail"
asp-route-userId="@Model.UserId">Resend verification?</a>
</p>
}
}
第9步——修改确认电子邮件
将ShowInvalid属性添加到Areas\Identity\Pages\Account\ConfirmEmail.cshtml.cs:
public bool ShowInvalid { get; set; }
编辑ConfirmEmail.cshtml.cs > OnGetAsync:
if (!result.Succeeded)
{
//throw new InvalidOperationException($"Error confirming email for user with ID '{userId}':");
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
ShowInvalid = true;
}
编辑ConfirmEmail.cshtml:
<div asp-validation-summary="All" class="text-danger"></div>
@{
if (Model.ShowInvalid)
{
<p>
Error confirming your email.
</p>
<p>
If you can login, try updating your email again.<br />
If you cannot login, try resend verification.
</p>
}
else
{
<p>
Thank you for confirming your email.
</p>
}
}
构建并测试项目。
继续查看第二部分。
原文地址:https://www.codeproject.com/Articles/1272172/Require-Confirmed-Email-in-ASP-NET-Core-2-2-Part-1