Identity Security is a basic implementation using AspNetCore.Identity for user management and authentication. You can use this implementation for production scenarios where you want to host the security packages together with the application.
As AspNetCore.Identity uses auto increment columns for primary key the migration code for creating the database schema is database dependent. This means you need to include different NuGet packages depending on what database provider you're using. The currently available packages are:
> dotnet add package Piranha.AspNetCore.Identity.SQLite
> dotnet add package Piranha.AspNetCore.Identity.SQLServer
> dotnet add package Piranha.AspNetCore.Identity.MySQL
You register Identity Security in ConfigureServices(). There are two methods available for adding the services, AddPiranhaIdentity and AddPiranhaIdentityWithSeed. The later of them seeds the default admin user with username admin and password password. How you register the service is also dependent on which database provider you use:
With default seed
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentityWithSeed<IdentitySQLiteDb>(db =>
db.UseSqlite(...));
});
}
Without seeding default user
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentity<IdentitySQLServerDb>(db =>
db.UseSqlite(...));
});
}
With default seed
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentityWithSeed<IdentitySQLServerDb>(db =>
db.UseSqlServer(...));
});
}
Without seeding default user
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentity<IdentitySQLServerDb>(db =>
db.UseSqlServer(...));
});
}
When registering the service you can also provide custom IdentityOptions.
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentity<...>(db => ...,
identityOptions: io => {
// Add your custom identity options here
}
);
});
}
These are the default Identity Options provided. Please note that these are more geared towards development scenarios as it enforces a very low password strength algorithm, and should be changed in production scenarios.
// Password settings
io.Password.RequireDigit = false;
io.Password.RequiredLength = 6;
io.Password.RequireNonAlphanumeric = false;
io.Password.RequireUppercase = false;
io.Password.RequireLowercase = false;
io.Password.RequiredUniqueChars = 1;
// Lockout settings
io.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
io.Lockout.MaxFailedAccessAttempts = 10;
io.Lockout.AllowedForNewUsers = true;
// User settings
io.User.RequireUniqueEmail = true;
When registering the service you can also provide custom CookieOptions.
public void ConfigureServices(IServiceCollection services)
{
services.AddPiranha(options =>
{
options.UseIdentity<...>(db => ...,
cookieOptions: co => {
// Add your custom cookie options here
});
);
});
}
These are the default Cookie Options provided. These should be changed to support HTTPS or maybe change the default login URL if you're running a custom login setup.
co.Cookie.HttpOnly = true;
co.ExpireTimeSpan = TimeSpan.FromMinutes(30);
co.LoginPath = "/manager/login";
co.AccessDeniedPath = "/manager/login";
co.SlidingExpiration = true;