Identity Security is a basic implementation using AspNetCore.Identity for user management and authentication. You can use this implementation for production scenarios where you want to host the security packages together with the application.
As AspNetCore.Identity uses auto increment columns for primary key the migration code for creating the database schema is database dependent. This means you need to include different NuGet packages depending on what database provider you're using. The currently available packages are:
<PackageReference Include="Piranha.AspNetCore.Identity.SQLite" Version="7.0.0" />
<PackageReference Include="Piranha.AspNetCore.Identity.SQLServer" Version="7.0.0" />
<PackageReference Include="Piranha.AspNetCore.Identity.MySQL" Version="7.0.0" />
You register Identity Security in ConfigureServices(). There are two methods available for adding the services, AddPiranhaIdentity and AddPiranhaIdentityWithSeed. The later of them seeds the default admin user with username admin and password password. How you register the service is also dependent on which database provider you use:
services.AddPiranhaIdentity<IdentitySQLiteDb>(options => ...);
services.AddPiranhaIdentityWithSeed<IdentitySQLiteDb>(options => ...)
services.AddPiranhaIdentity<IdentitySQLServerDb>(options => ...);
services.AddPiranhaIdentityWithSeed<IdentitySQLServerDb>(options => ...)
services.AddPiranhaIdentity<IdentityMySQLDb>(options => ...);
services.AddPiranhaIdentityWithSeed<IdentityMySQLDb>(options => ...)
When registering the service you can also provide custom IdentityOptions.
services.AddPiranhaIdentity<IdentitySQLiteDb>(
options => ..., identityOptions: io => ...);
These are the default Identity Options provided. Please note that these are more geared towards development scenarios as it enforces a very low password strength algorithm, and should be changed in production scenarios.
// Password settings
options.Password.RequireDigit = false;
options.Password.RequiredLength = 6;
options.Password.RequireNonAlphanumeric = false;
options.Password.RequireUppercase = false;
options.Password.RequireLowercase = false;
options.Password.RequiredUniqueChars = 1;
// Lockout settings
options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
options.Lockout.MaxFailedAccessAttempts = 10;
options.Lockout.AllowedForNewUsers = true;
// User settings
options.User.RequireUniqueEmail = true;
When registering the service you can also provide custom CookieOptions.
services.AddPiranhaIdentity<IdentitySQLiteDb>(
options => ..., cookieOptions: co => ...);
These are the default Cookie Options provided. These should be changed to support HTTPS or maybe change the default login URL if you're running a custom login setup.
options.Cookie.HttpOnly = true;
options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
options.LoginPath = "/manager/login";
options.AccessDeniedPath = "/manager/login";
options.SlidingExpiration = true;