ASP.NET core 身分識別簡介Introduction to Identity on ASP.NET Core

作者:Rick AndersonBy Rick Anderson

ASP.NET Core Identity 是將登入功能加入至 ASP.NET Core 應用程式的成員資格系統。ASP.NET Core Identity is a membership system that adds login functionality to ASP.NET Core apps. 使用者可以建立的帳戶與儲存在身分識別的登入資訊,或者可以使用外部登入提供者。Users can create an account with the login information stored in Identity or they can use an external login provider. 支援的外部登入提供者包括Facebook、 Google、 Microsoft 帳戶及 TwitterSupported external login providers include Facebook, Google, Microsoft Account, and Twitter.

可以使用 SQL Server 資料庫來儲存使用者名稱、 密碼和設定檔資料,設定身分識別。Identity can be configured using a SQL Server database to store user names, passwords, and profile data. 或者,另一個持續性存放區可用,例如 Azure 資料表儲存體。Alternatively, another persistent store can be used, for example, Azure Table Storage.

檢視或下載範例程式碼(如何下載))。View or download the sample code (how to download)).

本主題中,您將了解如何使用身分識別來註冊、 登入,並登出使用者。In this topic, you learn how to use Identity to register, log in, and log out a user. 如需有關建立使用身分識別的應用程式的詳細指示,請參閱本文結尾 「 後續步驟 」 一節。For more detailed instructions about creating apps that use Identity, see the Next Steps section at the end of this article.

AddDefaultIdentity 和 AddIdentityAddDefaultIdentity and AddIdentity

AddDefaultIdentity ASP.NET Core 2.1 中引進。AddDefaultIdentity was introduced in ASP.NET Core 2.1. 呼叫AddDefaultIdentity類似於呼叫下列命令:Calling AddDefaultIdentity is similar to calling the following:

請參閱AddDefaultIdentity 來源如需詳細資訊。See AddDefaultIdentity source for more information.

建立驗證的 Web 應用程式Create a Web app with authentication

個別使用者帳戶中建立 ASP.NET Core Web 應用程式專案。Create an ASP.NET Core Web Application project with Individual User Accounts.

  • 選取 [檔案] > [新增] > [專案]。Select File > New > Project.
  • 選取 [ASP.NET Core Web 應用程式]。Select ASP.NET Core Web Application. 將專案命名為WebApp1將專案下載相同的命名空間。Name the project WebApp1 to have the same namespace as the project download. 按一下 [確定] 。Click OK.
  • 選取 ASP.NET Core Web 應用程式,然後選取變更驗證Select an ASP.NET Core Web Application, then select Change Authentication.
  • 選取 個別使用者帳戶然後按一下確定Select Individual User Accounts and click OK.

產生的專案提供ASP.NET Core Identity作為Razor 類別庫The generated project provides ASP.NET Core Identity as a Razor Class Library. 身分識別 Razor 類別庫會公開端點Identity區域。The Identity Razor Class Library exposes endpoints with the Identity area. 例如:For example:

  • / 身分識別/帳戶/登入/Identity/Account/Login
  • / 身分識別/帳戶/登出/Identity/Account/Logout
  • / 身分識別/帳戶/管理/Identity/Account/Manage

套用移轉Apply migrations

適用於初始化資料庫的移轉作業。Apply the migrations to initialise the database.

在 套件管理員主控台 (PMC) 中執行下列命令:Run the following command in the Package Manager Console (PMC):

PM> Update-Database

測試註冊和登入Test Register and Login

執行應用程式並註冊的使用者。Run the app and register a user. 根據您的螢幕大小,您可能需要選取瀏覽切換按鈕,以查看註冊登入連結。Depending on your screen size, you might need to select the navigation toggle button to see the Register and Login links.

檢視識別資料庫View the Identity database

  • 檢視功能表上,選取SQL Server 物件總管(SSOX)。From the View menu, select SQL Server Object Explorer (SSOX).
  • 瀏覽至 (localdb) (SQL Server 13) MSSQLLocalDBNavigate to (localdb)MSSQLLocalDB(SQL Server 13). 以滑鼠右鍵按一下dbo。AspNetUsers > 檢視資料:Right-click on dbo.AspNetUsers > View Data:

SQL Server 物件總管 中的 AspNetUsers 資料表上的操作功能表

設定身分識別服務Configure Identity services

服務會加入ConfigureServicesServices are added in ConfigureServices. 典型模式是呼叫所有 Add{Service} 方法,然後呼叫 services.Configure{Service} 方法。The typical pattern is to call all the Add{Service} methods, and then call all the services.Configure{Service} methods.

public void ConfigureServices(IServiceCollection services)
{
    services.Configure<CookiePolicyOptions>(options =>
    {
        options.CheckConsentNeeded = context => true;
        options.MinimumSameSitePolicy = SameSiteMode.None;
    });

    services.AddDbContext<ApplicationDbContext>(options =>
        options.UseSqlServer(
            Configuration.GetConnectionString("DefaultConnection")));
    services.AddDefaultIdentity<IdentityUser>()
        .AddDefaultUI(UIFramework.Bootstrap4)
        .AddEntityFrameworkStores<ApplicationDbContext>();

    services.Configure<IdentityOptions>(options =>
    {
        // Password settings.
        options.Password.RequireDigit = true;
        options.Password.RequireLowercase = true;
        options.Password.RequireNonAlphanumeric = true;
        options.Password.RequireUppercase = true;
        options.Password.RequiredLength = 6;
        options.Password.RequiredUniqueChars = 1;

        // Lockout settings.
        options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(5);
        options.Lockout.MaxFailedAccessAttempts = 5;
        options.Lockout.AllowedForNewUsers = true;

        // User settings.
        options.User.AllowedUserNameCharacters =
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";
        options.User.RequireUniqueEmail = false;
    });

    services.ConfigureApplicationCookie(options =>
    {
        // Cookie settings
        options.Cookie.HttpOnly = true;
        options.ExpireTimeSpan = TimeSpan.FromMinutes(5);

        options.LoginPath = "/Identity/Account/Login";
        options.AccessDeniedPath = "/Identity/Account/AccessDenied";
        options.SlidingExpiration = true;
    });

    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_2);
}

上述程式碼會使用預設選項值設定身分識別。The preceding code configures Identity with default option values. 服務可透過應用程式相依性插入Services are made available to the app through dependency injection.

藉由呼叫啟用身分識別UseAuthenticationIdentity is enabled by calling UseAuthentication. UseAuthentication 新增驗證中介軟體至要求管線。UseAuthentication adds authentication middleware to the request pipeline.

public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
    }
    else
    {
        app.UseExceptionHandler("/Error");
        app.UseHsts();
    }

    app.UseHttpsRedirection();
    app.UseStaticFiles();
    app.UseCookiePolicy();

    app.UseAuthentication();

    app.UseMvc();
}
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
    services.AddDbContext<ApplicationDbContext>(options =>
        options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

    services.AddIdentity<ApplicationUser, IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>()
        .AddDefaultTokenProviders();

    services.Configure<IdentityOptions>(options =>
    {
        // Password settings
        options.Password.RequireDigit = true;
        options.Password.RequiredLength = 8;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireUppercase = true;
        options.Password.RequireLowercase = false;
        options.Password.RequiredUniqueChars = 6;

        // Lockout settings
        options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
        options.Lockout.MaxFailedAccessAttempts = 10;
        options.Lockout.AllowedForNewUsers = true;

        // User settings
        options.User.RequireUniqueEmail = true;
    });

    services.ConfigureApplicationCookie(options =>
    {
        // Cookie settings
        options.Cookie.HttpOnly = true;
        options.ExpireTimeSpan = TimeSpan.FromMinutes(30);
        // If the LoginPath isn't set, ASP.NET Core defaults 
        // the path to /Account/Login.
        options.LoginPath = "/Account/Login";
        // If the AccessDeniedPath isn't set, ASP.NET Core defaults 
        // the path to /Account/AccessDenied.
        options.AccessDeniedPath = "/Account/AccessDenied";
        options.SlidingExpiration = true;
    });

    // Add application services.
    services.AddTransient<IEmailSender, EmailSender>();

    services.AddMvc();
}

服務可透過應用程式相依性插入Services are made available to the application through dependency injection.

藉由呼叫應用程式啟用身分識別UseAuthenticationConfigure方法。Identity is enabled for the application by calling UseAuthentication in the Configure method. UseAuthentication 新增驗證中介軟體至要求管線。UseAuthentication adds authentication middleware to the request pipeline.

// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env)
{
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseBrowserLink();
        app.UseDatabaseErrorPage();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseStaticFiles();

    app.UseAuthentication();

    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{controller=Home}/{action=Index}/{id?}");
    });
}
public void ConfigureServices(IServiceCollection services)
{
    // Add framework services.
    services.AddDbContext<ApplicationDbContext>(options =>
        options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

    services.AddIdentity<ApplicationUser, IdentityRole>()
        .AddEntityFrameworkStores<ApplicationDbContext>()
        .AddDefaultTokenProviders();

    services.AddMvc();

    // Configure Identity
    services.Configure<IdentityOptions>(options =>
    {
        // Password settings
        options.Password.RequireDigit = true;
        options.Password.RequiredLength = 8;
        options.Password.RequireNonAlphanumeric = false;
        options.Password.RequireUppercase = true;
        options.Password.RequireLowercase = false;

        // Lockout settings
        options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
        options.Lockout.MaxFailedAccessAttempts = 10;

        // Cookie settings
        options.Cookies.ApplicationCookie.ExpireTimeSpan = TimeSpan.FromDays(150);
        options.Cookies.ApplicationCookie.LoginPath = "/Account/Login";

        // User settings
        options.User.RequireUniqueEmail = true;
    });

    // Add application services.
    services.AddTransient<IEmailSender, AuthMessageSender>();
    services.AddTransient<ISmsSender, AuthMessageSender>();
}

這些服務可透過應用程式相依性插入These services are made available to the application through dependency injection.

藉由呼叫應用程式啟用身分識別UseIdentityConfigure方法。Identity is enabled for the application by calling UseIdentity in the Configure method. UseIdentity 新增 cookie 為基礎的驗證中介軟體至要求管線。UseIdentity adds cookie-based authentication middleware to the request pipeline.

public void Configure(IApplicationBuilder app,
    IHostingEnvironment env, 
    ILoggerFactory loggerFactory)
{
    loggerFactory.AddConsole(Configuration.GetSection("Logging"));
    loggerFactory.AddDebug();

    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
        app.UseDatabaseErrorPage();
        app.UseBrowserLink();
    }
    else
    {
        app.UseExceptionHandler("/Home/Error");
    }

    app.UseStaticFiles();

    app.UseIdentity();

    // Add external authentication middleware below. To configure them please see https://go.microsoft.com/fwlink/?LinkID=532715

    app.UseMvc(routes =>
    {
        routes.MapRoute(
            name: "default",
            template: "{controller=Home}/{action=Index}/{id?}");
    });
}

如需詳細資訊,請參閱 < IdentityOptions 類別應用程式啟動For more information, see the IdentityOptions Class and Application Startup.

Scaffold 註冊、 登入和登出Scaffold Register, Login, and LogOut

請遵循Scaffold Razor 專案具有授權的身分識別產生程式碼顯示這一節的指示。Follow the Scaffold identity into a Razor project with authorization instructions to generate the code shown in this section.

新增註冊、 登入和登出的檔案。Add the Register, Login, and LogOut files.

檢查暫存器Examine Register

當使用者按一下註冊連結,RegisterModel.OnPostAsync叫用動作。When a user clicks the Register link, the RegisterModel.OnPostAsync action is invoked. 使用者由CreateAsync_userManager物件。The user is created by CreateAsync on the _userManager object. _userManager 是由提供相依性插入):_userManager is provided by dependency injection):

public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");
    if (ModelState.IsValid)
    {
        var user = new IdentityUser { UserName = Input.Email, Email = Input.Email };
        var result = await _userManager.CreateAsync(user, Input.Password);
        if (result.Succeeded)
        {
            _logger.LogInformation("User created a new account with password.");

            var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
            var callbackUrl = Url.Page(
                "/Account/ConfirmEmail",
                pageHandler: null,
                values: new { userId = user.Id, code = code },
                protocol: Request.Scheme);

            await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
                $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");

            await _signInManager.SignInAsync(user, isPersistent: false);
            return LocalRedirect(returnUrl);
        }
        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
    }

    // If we got this far, something failed, redisplay form
    return Page();
}

當使用者按一下註冊連結Register上叫用動作AccountControllerWhen a user clicks the Register link, the Register action is invoked on AccountController. Register動作會建立使用者,藉由呼叫CreateAsync_userManager物件 (提供給AccountController由相依性插入):The Register action creates the user by calling CreateAsync on the _userManager object (provided to AccountController by dependency injection):

//
// POST: /Account/Register
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Register(RegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
        var result = await _userManager.CreateAsync(user, model.Password);
        if (result.Succeeded)
        {
            // For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=532713
            // Send an email with this link
            //var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
            //var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
            //await _emailSender.SendEmailAsync(model.Email, "Confirm your account",
            //    "Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
            await _signInManager.SignInAsync(user, isPersistent: false);
            _logger.LogInformation(3, "User created a new account with password.");
            return RedirectToAction(nameof(HomeController.Index), "Home");
        }
        AddErrors(result);
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

如果已成功建立使用者,使用者會登入的呼叫所_signInManager.SignInAsyncIf the user was created successfully, the user is logged in by the call to _signInManager.SignInAsync.

注意: 請參閱帳戶確認的步驟,以避免在註冊的立即登入。Note: See account confirmation for steps to prevent immediate login at registration.

登入Log in

登入表單顯示時:The Login form is displayed when:

  • 登入選取連結。The Log in link is selected.
  • 使用者嘗試存取受限制的頁面未獲授權可以存取時在還沒有已驗證系統。A user attempts to access a restricted page that they aren't authorized to access or when they haven't been authenticated by the system.

登入頁面上的表單提交時,OnPostAsync呼叫動作。When the form on the Login page is submitted, the OnPostAsync action is called. PasswordSignInAsync 呼叫_signInManager(由相依性插入提供) 的物件。PasswordSignInAsync is called on the _signInManager object (provided by dependency injection).

public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    returnUrl = returnUrl ?? Url.Content("~/");

    if (ModelState.IsValid)
    {
        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, 
        // set lockoutOnFailure: true
        var result = await _signInManager.PasswordSignInAsync(Input.Email, 
            Input.Password, Input.RememberMe, lockoutOnFailure: true);
        if (result.Succeeded)
        {
            _logger.LogInformation("User logged in.");
            return LocalRedirect(returnUrl);
        }
        if (result.RequiresTwoFactor)
        {
            return RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe });
        }
        if (result.IsLockedOut)
        {
            _logger.LogWarning("User account locked out.");
            return RedirectToPage("./Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return Page();
        }
    }

    // If we got this far, something failed, redisplay form
    return Page();
}

基底Controller類別會公開User屬性,您可以從控制器方法存取。The base Controller class exposes a User property that you can access from controller methods. 比方說,您可以列舉User.Claims並進行授權決策。For instance, you can enumerate User.Claims and make authorization decisions. 如需詳細資訊,請參閱 介紹 ASP.NET Core 的授權For more information, see 介紹 ASP.NET Core 的授權.

當使用者選取時,會顯示登入表單登入存取需要驗證的網頁時,會重新導向或連結。The Login form is displayed when users select the Log in link or are redirected when accessing a page that requires authentication. 當使用者提交表單時的登入頁面上, AccountController Login呼叫動作。When the user submits the form on the Login page, the AccountController Login action is called.

Login動作會呼叫PasswordSignInAsync_signInManager物件 (提供給AccountController由相依性插入)。The Login action calls PasswordSignInAsync on the _signInManager object (provided to AccountController by dependency injection).

//
// POST: /Account/Login
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;
    if (ModelState.IsValid)
    {
        // This doesn't count login failures towards account lockout
        // To enable password failures to trigger account lockout, set lockoutOnFailure: true
        var result = await _signInManager.PasswordSignInAsync(model.Email, 
            model.Password, model.RememberMe, lockoutOnFailure: false);
        if (result.Succeeded)
        {
            _logger.LogInformation(1, "User logged in.");
            return RedirectToLocal(returnUrl);
        }
        if (result.RequiresTwoFactor)
        {
            return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
        }
        if (result.IsLockedOut)
        {
            _logger.LogWarning(2, "User account locked out.");
            return View("Lockout");
        }
        else
        {
            ModelState.AddModelError(string.Empty, "Invalid login attempt.");
            return View(model);
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

基底 (Controller或是PageModel) 類別會公開User屬性。The base (Controller or PageModel) class exposes a User property. 比方說,User.Claims可以列舉來製作授權決策。For example, User.Claims can be enumerated to make authorization decisions.

登出Log out

登出 連結會叫用LogoutModel.OnPost動作。The Log out link invokes the LogoutModel.OnPost action.

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
using Microsoft.Extensions.Logging;
using System.Threading.Tasks;

namespace WebApp1.Areas.Identity.Pages.Account
{
    [AllowAnonymous]
    public class LogoutModel : PageModel
    {
        private readonly SignInManager<IdentityUser> _signInManager;
        private readonly ILogger<LogoutModel> _logger;

        public LogoutModel(SignInManager<IdentityUser> signInManager, ILogger<LogoutModel> logger)
        {
            _signInManager = signInManager;
            _logger = logger;
        }

        public void OnGet()
        {
        }

        public async Task<IActionResult> OnPost(string returnUrl = null)
        {
            await _signInManager.SignOutAsync();
            _logger.LogInformation("User logged out.");
            if (returnUrl != null)
            {
                return LocalRedirect(returnUrl);
            }
            else
            {
                return Page();
            }
        }
    }
}

SignOutAsync清除儲存在 cookie 中的使用者宣告。SignOutAsync clears the user's claims stored in a cookie. 不重新導向之後呼叫SignOutAsync或使用者將會登出。Don't redirect after calling SignOutAsync or the user will not be signed out.

中所指定的張貼Pages/Shared/_LoginPartial.cshtml:Post is specified in the Pages/Shared/_LoginPartial.cshtml:

@using Microsoft.AspNetCore.Identity
@inject SignInManager<IdentityUser> SignInManager
@inject UserManager<IdentityUser> UserManager

<ul class="navbar-nav">
    @if (SignInManager.IsSignedIn(User))
    {
        <li class="nav-item">
            <a class="nav-link text-dark" asp-area="Identity"
               asp-page="/Account/Manage/Index"
               title="Manage">Hello@User.Identity.Name!</a>
        </li>
        <li class="nav-item">
            <form class="form-inline" asp-area="Identity" asp-page="/Account/Logout" 
                   asp-route-returnUrl="@Url.Page("/", new { area = "" })" 
                   method="post">
                <button type="submit" class="nav-link btn btn-link text-dark">Logout</button>
            </form>
        </li>
    }
    else
    {
        <li class="nav-item">
            <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Register">Register</a>
        </li>
        <li class="nav-item">
            <a class="nav-link text-dark" asp-area="Identity" asp-page="/Account/Login">Login</a>
        </li>
    }
</ul>


按一下 登出連結呼叫LogOut動作。Clicking the Log out link calls the LogOut action.

//
// POST: /Account/LogOut
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> LogOut()
{
    await _signInManager.SignOutAsync();
    _logger.LogInformation(4, "User logged out.");
    return RedirectToAction(nameof(HomeController.Index), "Home");
}

上述程式碼會呼叫_signInManager.SignOutAsync方法。The preceding code calls the _signInManager.SignOutAsync method. SignOutAsync方法會清除儲存在 cookie 中的使用者宣告。The SignOutAsync method clears the user's claims stored in a cookie.

測試身分識別Test Identity

預設的 web 專案範本允許匿名存取首頁。The default web project templates allow anonymous access to the home pages. 若要測試識別,新增 [Authorize] 隱私權頁面。To test Identity, add [Authorize] to the Privacy page.

using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc.RazorPages;

namespace WebApp1.Pages
{
    [Authorize]
    public class PrivacyModel : PageModel
    {
        public void OnGet()
        {
        }
    }
}

如果您登入,登出。執行應用程式,然後選取隱私權連結。If you are signed in, sign out. Run the app and select the Privacy link. 將您重新導向至登入頁面。You are redirected to the login page.

瀏覽身分識別Explore Identity

若要更詳細地探索身分識別:To explore Identity in more detail:

身分識別元件Identity Components

中包含所有身分識別相依的 NuGet 套件Microsoft.AspNetCore.App 中繼套件All the Identity dependent NuGet packages are included in the Microsoft.AspNetCore.App metapackage.

身分識別的主要套件Microsoft.AspNetCore.IdentityThe primary package for Identity is Microsoft.AspNetCore.Identity. 此封裝包含一組核心介面的 ASP.NET Core 身分識別,並包含Microsoft.AspNetCore.Identity.EntityFrameworkCoreThis package contains the core set of interfaces for ASP.NET Core Identity, and is included by Microsoft.AspNetCore.Identity.EntityFrameworkCore.

移轉至 ASP.NET Core 身分識別Migrating to ASP.NET Core Identity

如需詳細資訊和移轉您現有的身分識別存放區的指引,請參閱移轉驗證和身分識別For more information and guidance on migrating your existing Identity store, see Migrate Authentication and Identity.

設定密碼強度Setting password strength

請參閱組態如需設定的最小的密碼需求的範例。See Configuration for a sample that sets the minimum password requirements.

後續步驟Next Steps