I'm trying to make a very simple implementation of an IUserStore that would essentially:
use NHibernate
save users in a single table (no claims/logins)
store role names in the same table, in an nvarchar column (pipe ('|')
separated if multiple items).
When I run the following method:
[Fact]
public void Create_A_User()
{
// _session is a valid NHibernate ISession object
using (var userStore = new SimpleUserStore<SimpleIdentityUser>(_session))
using (var userManager = new UserManager<SimpleIdentityUser>(userStore))
{
var user = new SimpleIdentityUser
{
UserName = "kenny_mccormick",
RolesStr = "admin",
};
var createTask = userManager.CreateAsync(user, "the_password");
var result = createTask.Result; // this never finishes...
}
}
the last line would never finish executing.
The weird thing is that the UserManager never calls any of the functions in my SimpleUserStore; it gets stuck before that.
Here are the components I defined:
The user class:
public class SimpleIdentityUser : IUser
{
public virtual Guid UserId { get; set; }
public virtual string PasswordHash { get; set; }
public virtual string SecurityStamp { get; set; }
public virtual string RolesStr { get; set; }
public virtual string UserName { get; set; }
public virtual string Id
{
get { return UserId.ToString(); }
}
}
The User Store:
public class SimpleUserStore<TUser> :
IUserPasswordStore<TUser>,
IUserRoleStore<TUser>,
IUserSecurityStampStore<TUser>
where TUser : SimpleIdentityUser
{
// ReSharper disable once StaticFieldInGenericType
private static readonly Task EmptyTask = new Task(() => { });
private readonly ISession _session;
public SimpleUserStore(ISession session)
{
_session = session;
}
public Task<TUser> FindAsync(UserLoginInfo login)
{
return Task.FromResult((TUser) null);
}
public Task CreateAsync(TUser user)
{
_session.Save(user);
return EmptyTask;
}
public Task UpdateAsync(TUser user)
{
// updates will (hopefully) be saved automatically when the current session is committed
return EmptyTask;
}
public Task DeleteAsync(TUser user)
{
_session.Delete(user);
return EmptyTask;
}
public Task<TUser> FindByIdAsync(string userId)
{
TUser user = null;
Guid guidId;
if (Guid.TryParse(userId, out guidId))
user = _session.Get<TUser>(guidId);
return Task.FromResult(user);
}
public Task<TUser> FindByNameAsync(string userName)
{
TUser user = _session.Query<TUser>().SingleOrDefault(u => u.UserName == userName);
return Task.FromResult(user);
}
public Task SetPasswordHashAsync(TUser user, string passwordHash)
{
user.PasswordHash = passwordHash;
return EmptyTask;
}
public Task<string> GetPasswordHashAsync(TUser user)
{
return Task.FromResult(user.PasswordHash);
}
public Task<bool> HasPasswordAsync(TUser user)
{
return Task.FromResult(user.PasswordHash != null);
}
public void Dispose()
{
}
public Task AddToRoleAsync(TUser user, string role)
{
new SimpleRoleManager<TUser>(user).AddRole(role);
return EmptyTask;
}
public Task RemoveFromRoleAsync(TUser user, string role)
{
new SimpleRoleManager<TUser>(user).DeleteRole(role);
return EmptyTask;
}
public Task<IList<string>> GetRolesAsync(TUser user)
{
List<string> roles = new SimpleRoleManager<TUser>(user).GetRoles().ToList();
return Task.FromResult((IList<string>) roles);
}
public Task<bool> IsInRoleAsync(TUser user, string role)
{
return Task.FromResult(new SimpleRoleManager<TUser>(user).IsInRole(role));
}
public Task SetSecurityStampAsync(TUser user, string stamp)
{
user.SecurityStamp = stamp;
return EmptyTask;
}
public Task<string> GetSecurityStampAsync(TUser user)
{
return Task.FromResult(user.SecurityStamp);
}
}
How I manage roles
Probably not so important, but here it is anyway:
public class SimpleRoleManager<TUser> where TUser : SimpleIdentityUser
{
private const string Separator = "|";
private readonly TUser _user;
public SimpleRoleManager(TUser user)
{
_user = user;
}
public string[] GetRoles()
{
return (_user.RolesStr ?? String.Empty)
.Split(Separator.ToCharArray(), StringSplitOptions.RemoveEmptyEntries);
}
public bool IsInRole(string roleName)
{
return GetRoles().Contains(roleName);
}
public bool AddRole(string roleName)
{
var roles = GetRoles().ToList();
if (roles.Contains(roleName))
return false;
roles.Add(roleName);
SetRoles(roles);
return true;
}
public bool DeleteRole(string roleName)
{
List<string> roles = GetRoles().ToList();
if (!roles.Contains(roleName))
return false;
roles.Remove(roleName);
SetRoles(roles);
return true;
}
private void SetRoles(IEnumerable<string> roles)
{
_user.RolesStr = String.Join(Separator, roles);
}
}
I have been inspecting the UserManager<TUser> class with DotPeek, but found no obvious causes for this weird behavior.
What could be causing this?
Your approach to async is fundamentally broken at the moment, because you're returning the same task for all operations... and never starting it. I don't see any "infinite loop" here - I just see you blocking on a task which can never complete.
It's not clear what you hope to accomplish with your EmptyTask task, but it's definitely not helping you at the moment.
Furthermore, it's not clear that your code is really asynchronous in any aspect, unless _session.Save (etc) are really asynchronous.
You could improve things somewhat by just running extra tasks, e.g.
public Task CreateAsync(TUser user)
{
Action action = () => _session.Save(user);
return Task.Run(action);
}
... although the fact that you're then immediately blocking on the task in the calling code makes it pointless, too. (It's not even clear how this compiles at the moment, as Task doesn't have a Result property... only Task<T> does.)
As noted in comments, this will create a new task which will effectively run synchronously in a new thread - using more threads than you'd otherwise need, with the potential benefit of parallelism. It doesn't achieve the same goals as a properly asynchronous database call (where there wouldn't be any threads tied up for the save call - just a task which would complete when the relevant network response was returned).
If you don't really care about it being asynchronous, you can use:
public Task CreateAsync(TUser user)
{
_session.Save(user);
return Task.FromResult<object>(null);
}
This will synchronously save (just like your current code does) but then return a completed task (rather than the task which will never complete, as per your current code).
Related
I have to code, When user table gets a new record, then automatically create record in siteUSer table with userID and siteCodeId in .net core.
user table does not have siteCodeId as a column. I need to add a record of userId with corresponding siteCodeID into siteUSer table.
public class SiteUsers
{
public int SiteCodeId { get; set; }
public SiteCode SiteCode { get; set; }
public string UserId { get; set; }
public User User { get; set; }
}
This is usersController.cs:
[HttpPost]
public async Task<IActionResult> Create(UserBO userBO)
{
try
{
await _userService.CreateUserAsync(userBO);
return Created(nameof(Get), userBO);
}
catch (Exception ex)
{
return HandleException(ex);
}
}
This is usersService.cs:
public async Task<UserBO> CreateUserAsync(UserBO userBO)
{
var user = new User
{
UserName = userBO.UserName,
Email = userBO.Email,
EmailConfirmed = true,
RecordState = Enums.RecordState.Active,
};
var result = await _userManager.CreateAsync(user, userBO.Password);
if (userBO.Roles.Count > 0)
{
// superadmin users can be created manually
userBO.Roles = userBO.Roles.Where(i => i != "SuperAdmin").ToList();
}
foreach (var item in userBO.Roles)
{
await _userManager.AddToRoleAsync(user, item);
}
return userBO;
}
You are performing three operations:
Create a new user
Add the user to some roles
Create a SiteUsers for the user
Add the following methods for each of these operations in UserService.cs.
Inject the DbContext(assuming you are using EF Core; if not, inject the equivalent service to add SiteUsers to the database). Use this service to add a new SiteUsers to the database.
Also, you can use the email from the UserBO to look up an already created user.
You don't even need to use a for loop to add a user to multiple roles, you can use AddToRolesAsync() that takes in an IEnumerable<string>:
public async Task<IdentityResult> CreateUserAsync(UserBO userBO)
{
var user = new User
{
UserName = userBO.UserName,
Email = userBO.Email,
EmailConfirmed = true,
RecordState = Enums.RecordState.Active,
};
return await _userManager.CreateAsync(user, userBO.Password);
}
public async Task CreateSiteUsersAsync(UserBO userBO, User user)
{
SiteUsers siteUsers = new SiteUsers { UserId = user.Id, User = user };
await _context.AddAsync(siteUsers);
await _context.SaveChangesAsync();
}
public async Task<IdentityResult> AddToRolesAsync(UserBO userBO, User user)
{
if (userBO.Roles.Count > 0)
{
userBO.Roles = userBO.Roles.Where(i => i != "SuperAdmin").ToList();
}
return await _userManager.AddToRolesAsync(user, userBO.Roles);
}
public async Task<User> FindByEmailAsync(string email) => _userManager.FindByEmailAsync(email);
Now, in your controller action, call each method:
public async Task<IActionResult> Create(UserBO userBO)
{
try
{
//Create user
IdentityResult createUserResult = await _userService.CreateUserAsync(userBO);
if(!createUserResult.Succeeded)
{
//Handle error
}
//Find created user
User user = await _userService.FindByEmailAsync(userBO.Email);
if(user is null)
{
//Handle error
}
//Add to roles
IdentityResult addToRolesResult = await _userService.AddToRolesAsync(userBO, user);
if(!addToResult.Succeeded)
{
//Handle error
}
await CreateSiteUsersAsync(userBO, user)
return Created(nameof(Get), userBO);
}
catch (Exception ex)
{
return HandleException(ex);
}
}
Please try the following code , it should work
var userName=UserBPO.email;
var user=_userManager.FindByNameAsync(userName);// You can use FindByEmailAsync as well
if(user!=null)
{
//Assign the role and populate SiteUsers
//Save SiteCode to database and get its ID in siteId
SiteUsers siteUsers = new SiteUsers { UserId = user.Id, SiteCodeId=siteId };
await _context.AddAsync(siteUsers);
}
You can try something like this, which would also fix the problem of getting the user id from the web request context.
Create an API service SiteUserService, that allows you to add site users.
Inject the data context and HTTP context.
Create a method CreateSiteUser() that takes the site code id and generates the SiteUser record.
Call API service SiteUserService method CreateSiteUser() from the web client.
The CreateSiteUser() method can be included within an existing or new controller method.
The service class SiteUserService is shown below:
public class SiteUserService
{
private readonly HttpContext _context;
private ApplicationDbContext _db;
public SiteUserService(IHttpContextAccessor httpContextAccessor,
ApplicationDbContext db)
{
_context = httpContextAccessor.HttpContext;
_db = db;
}
public async Task CreateSiteUser(int siteCodeID)
{
var siteUser = new SiteUsers
{
SiteCodeId = siteCodeID,
SiteCode = new SiteCode()
{
// set your site code properties in here..
},
UserId = _context.Request.HttpContext.User.Id,
User = new User()
{
// set your user properties in here
// e.g. _context.Request.HttpContext.User.Identity.Name
}
};
_db.Add(siteUser);
await _db.SaveChangesAsync();
}
...
}
The SiteCode and User object properties can be populated as needed.
I am working on an API and am having problems with making multiple calls to a service and it's different methods, I have each method creating and using new DBContext (or at least that's the intention), but after the first service call the others complain that the DBContext has been disposed, I was hoping you could point me in the right direction, because as far as I can see I am creating a new context for each of these calls - obviously I am doing something wrong here, any help would be much appreciated.
The actual error I am getting is "Cannot access a disposed object."
I know I can maybe pull the db interaction and context creation code out of the service and into the controller method here (it's a simplified example), but will need to use more services in other parts of the application and have encountered the problem there also, so would like to try and identify what is causing my problem in this example so that I can apply the fix elsewhere.
Here are the simplified classes involved.
public class UserController : Controller
{
private readonly IUserService userService;
public UserController(IUserService userService)
{
this.userService = userService;
}
[HttpPost]
[ActionName("PostUserDetails")]
public async Task<IActionResult> PostUserDetails([FromBody]UserDetailsContract userDetailsContract)
{
// this call is fine
var user = await userService.GetUserByCode(userDetailsContract.Code);
if (user == null)
{
return BadRequest("User not found");
}
// this call fails with the object disposed error
var userDetails = await userService.GetUserDetailsByCode(userDetailsContract.Code);
if (userDetails != null)
{
return BadRequest("UserDetails already exists");
}
// .. go on to save new entity
return Ok();
}
}
public class UserService : IUserService
{
private readonly IDatabaseFactory databaseFactory;
public UserService(IDatabaseFactory databaseFactory)
{
this.databaseFactory = databaseFactory;
}
public async Task<User> GetUserByCode(string code)
{
using (var db = databaseFactory.Create())
{
return await db.Users.GetByCode(code);
}
}
public async Task<IEnumerable<UserDetail>> GetUserDetailsByCode(string code)
{
using (var db = databaseFactory.Create())
{
return await db.UserDetails.GetByCode(code);
}
}
}
public class ApiDbContext : DbContext, IApiDbContext
{
public DbSet<User> Users { get; set; }
public DbSet<UserDetail> UserDetails { get; set; }
protected override void OnConfiguring(DbContextOptionsBuilder optionsBuilder)
{
optionsBuilder.UseSqlServer(#"Server=192.168.1.1;Database=dbname;User Id=user; Password=pwd; MultipleActiveResultSets=True;");
}
}
public class DatabaseFactory : IDatabaseFactory
{
public IApiDatabase Create()
{
return new ApiDatabase(new ApiDbContext());
}
}
public class ApiDatabase : RepositoriesBase, IApiDatabase
{
private IUserRepository userRepository;
private IUserDetailsRepository userDetailsRepository;
public ApiDatabase(ApiDbContext context) : base(context)
{
}
public IUserRepository Users => userRepository ?? (userRepository = new UserRepository(context));
public IUserDetailsRepository UserExchange => userDetailsRepository ?? (userDetailsRepository = new UserDetailsRepository(context));
}
public abstract class RepositoriesBase : IRepositories
{
internal readonly ApiDbContext context;
private bool isDisposing;
protected RepositoriesBase(ApiDbContext context)
{
}
public void Dispose()
{
if (!isDisposing)
{
isDisposing = true;
context?.Dispose();
}
}
public Task SaveChanges() => context.SaveChangesAsync();
}
public class UserRepository : Repository<User>, IUserRepository
{
public UserRepository(ApiDbContext context) : base(context)
{
}
public async Task<User> GetByCode(string code)
{
return Filter(x => x.code == code).Result.FirstOrDefault();
}
}
public class UserDetailsRepository : Repository<UserDetail>, IUserDetailRepository
{
public UserExchangeRepository(ApiDbContext context) : base(context)
{
}
public async Task<IEnumerable<UserDetail>> GetByUserId(int userId)
{
return await Filter(x => x.UserId == userId);
}
}
public class Repository<T> : IRepository<T> where T : class, IEntity
{
private readonly ApiDbContext context;
public Repository(ApiDbContext context) => this.context = context;
public async Task Add(T entity)
{
context.Set<T>().Add(entity);
}
public async Task Add(IEnumerable<T> entities)
{
foreach (var entity in entities)
{
context.Set<T>().Add(entity);
}
}
public async Task Delete(T entity)
{
context.Set<T>().Remove(entity);
}
public async Task Delete(IEnumerable<T> entities)
{
foreach (var entity in entities)
{
context.Set<T>().Remove(entity);
}
}
public async Task Delete(int id)
{
var entityToDelete = context.Set<T>().FirstOrDefault(e => e.Id == id);
if (entityToDelete != null)
{
context.Set<T>().Remove(entityToDelete);
}
}
public async Task Update(T entity)
{
context.Set<T>().Update(entity);
}
public async Task Edit(T entity)
{
var editedEntity = context.Set<T>().FirstOrDefault(e => e.Id == entity.Id);
editedEntity = entity;
}
public async Task<IEnumerable<T>> GetAll(Expression<Func<T, bool>> predicate = null)
{
var query = context.Set<T>().Include(context.GetIncludePaths(typeof(T)));
if (predicate != null)
{
query = query.Where(predicate);
}
return await query.ToListAsync();
}
public async Task<T> GetById(int id)
{
return context.Set<T>().FirstOrDefault(e => e.Id == id);
}
public async Task<IEnumerable<T>> Filter()
{
return context.Set<T>();
}
public virtual async Task<IEnumerable<T>> Filter(Func<T, bool> predicate)
{
return context.Set<T>().Where(predicate);
}
public async Task SaveChanges() => context.SaveChanges();
}
In my DI config I have DatabaseFactory and UserService defined as singletons.
Error: "Cannot access a disposed object."
More error details: " at
Microsoft.EntityFrameworkCore.DbContext.CheckDisposed() at
Microsoft.EntityFrameworkCore.DbContext.get_DbContextDependencies()
at Microsoft.EntityFrameworkCore.DbContext.get_Model() at
Microsoft.EntityFrameworkCore.Internal.InternalDbSet1.get_EntityType()
at
Microsoft.EntityFrameworkCore.Internal.InternalDbSet1.get_EntityQueryable()
at
Microsoft.EntityFrameworkCore.Internal.InternalDbSet1.System.Collections.Generic.IEnumerable<TEntity>.GetEnumerator()
at System.Linq.Enumerable.WhereEnumerableIterator1.MoveNext() at
System.Linq.Enumerable.Any[TSource](IEnumerable1 source, Func2
predicate) at
App.Api.Controllers.UserController.PostUserDetail(UserDetailContract
userDetailContract) in
D:\Repositories\application\src\App\Api\Controllers\UserController.cs:line
89"
Thank you
I think you may be a victim of delayed execution. The following piece of code creates an instance of of ApiDatabase which in turn creates a new ApiDbContext:
public IApiDatabase Create() //in DatabaseFactory
{
return new ApiDatabase(new ApiDbContext());
}
I detect a code smell here, by the way, as ApiDbContext is disposable so you should be tracking this reference and disposing of it properly.
Anyways, ApiDatabase is disposable since it's wrapped in a using statement, so I think the the context is being disposed after the call to GetByUserId:
public async Task<IEnumerable<UserDetail>> GetByUserId(int userId)
{
return await Filter(x => x.UserId == userId);
}
Notice you are returning an enumeration. I think it may not be materialized by the time you use it, hence the error. Add a cast to an array to force materialization:
return await Filter(x => x.UserId == userId).ToArray();
Your problem is the signature of this method:
public async Task<IEnumerable<UserDetail>> GetUserDetailsByCode(string code)
{
using (var db = databaseFactory.Create())
{
return await db.UserDetails.GetByCode(code);
}
}
IEnumerable<T> is an enumerable, which are generally lazy-evaluated. In the meantime, the Task<T> is considered complete once the enumerable is defined (not when it is completed). And the context is disposed once that enumerable is defined. You would have the same problem if the code was synchronous.
The fix is to "reify" (evaluate) the enumerable before the context is disposed:
public async Task<IReadOnlyCollection<UserDetail>> GetUserDetailsByCode(string code)
{
using (var db = databaseFactory.Create())
{
return await db.UserDetails.GetByCode(code).ToList();
}
}
I have a service, which works with external resource (Microsoft Graph):
public class Office365DomainService : IOffice365DomainService
{
private GraphServiceClient _graphClient;
public async Task AddDomainAsync(string domain)
{
await _graphClient.Domains.Request().AddAsync(new Microsoft.Graph.Domain { Id = domain });
}
public async Task<string> GetMxRecordForDomainAsync(string domain)
{
var collection = await _graphClient.Domains[domain].ServiceConfigurationRecords.Request().GetAsync();
return String.Empty;
}
public async Task<string> GetVerificationRecordForDomainAsync(string domain)
{
var records = (await _graphClient.Domains[domain].VerificationDnsRecords.Request().GetAsync());
string verificationText = String.Empty;
foreach (var record in records)
{
if (record.RecordType == "Txt")
{
verificationText = ((Microsoft.Graph.DomainDnsTxtRecord)record).Text;
break;
}
}
return verificationText;
}
public async Task VerifyDomainAsync(string domain)
{
await _graphClient.Domains[domain].Verify().Request().PostAsync();
}
}
_graphClient should be init with access_token, but I want to have lazy loading, therefore I don't want to add it to constructor.
Ok, one solution is add a property:
public string AccessToken { set => _graphClient = (new GraphSdkHelper()).GetAuthenticatedClient(value); }
It works fine, if we remember to set AccessToken before calling any method. But if we forget to do it? The best way it is to call getting access_token by another service if this _graphClient is not init. How to do it carefully?
Why not use Lazy Initialization ?
Please take a look at the docs here
I have an MVC5 application with .net 4.7.2 and I'm trying to have my customized version of .net Identity classes. I've followed the steps in this tutorial, with some changes here and there, because my project rely on a set of WCF services to communicate with the database, so I don't have direct connection to the database:
overview-of-custom-storage-providers-for-aspnet-identity
So mainly I've created my own MyUserStore which implements IUserStore and IUserRoleStore, and I've added this to Startup.cs:
public void ConfigureAuth(IAppBuilder app)
{
app.CreatePerOwinContext<MyUserManager>(MyUserManager.Create);
}
Now the problem that the IsInRole methods are not getting invoked, and also I had break point for methods like FindByIdAsync, FindByNameAsync and IsInRoleAsync and nothing got invoked, even though I've added
[Authorize(Roles ="TestRole")] attribute to couple actions and has tried to invoke this explicitly:
this.User.IsInRole("TestRole");
What I'm missing here to have it work in the proper way?
Edit #1 - adding the whole code:
Here under is the User Store related classes:
public class MyUserStore :
IUserStore<MyIdentityUser, int>,
IUserRoleStore<MyIdentityUser, int>,
IQueryableUserStore<MyIdentityUser, int>,
IDisposable
{
public Task CreateAsync(MyIdentityUser account)
{
// Add account to DB...
return Task.FromResult<object>(null);
}
public Task<MyIdentityUser> FindByIdAsync(int accountId)
{
// Get account from DB and return it
return Task.FromResult<MyIdentityUser>(account);
}
public Task<MyIdentityUser> FindByNameAsync(string userName)
{
// Get account from DB and return it
return Task.FromResult<MyIdentityUser>(account);
}
public Task UpdateAsync(MyIdentityUser account)
{
// Update account in DB
return Task.FromResult<object>(null);
}
public Task AddToRoleAsync(MyIdentityUser account, string roleName)
{
throw new NotImplementedException("UserStore.AddToRoleAsync");
return Task.FromResult<object>(null);
}
public Task<IList<string>> GetRolesAsync(MyIdentityUser account)
{
// TODO: Check if important to implement
throw new NotImplementedException("UserStore.GetRolesAsync");
}
public Task<bool> IsInRoleAsync(MyIdentityUser account, string task)
{
// Return true if has permission (not getting invoked)
return Task.FromResult<bool>(hasPermission);
}
public Task RemoveFromRoleAsync(MyIdentityUser account, string task)
{
throw new NotImplementedException("UserStore.RemoveFromRoleAsync");
}
public Task DeleteAsync(MyIdentityUser account)
{
// Delete user from DB
return Task.FromResult<Object>(null);
}
}
public class MyUserRole : IdentityUserRole<int> { }
public class MyUserClaim : IdentityUserClaim<int> { }
public class MyUserLogin : IdentityUserLogin<int> { }
public class MyIdentityUser : IdentityUser<int, MyUserLogin, MyUserRole, MyUserClaim>
{
public MyIdentityUser(int id)
{
Id = id;
}
// My extra account's properties
}
}
And here is the UserManager class:
public class MyUserManager : UserManager<MyIdentityUser, int>
{
public MyUserManager(IUserStore<MyIdentityUser, int> store)
: base(store) { }
public static MyUserManager Create(IdentityFactoryOptions<MyUserManager> options, IOwinContext context)
{
///Calling the non-default constructor of the UserStore class
var manager = new MyUserManager(new MyUserStore());
manager.UserValidator = new UserValidator<MyIdentityUser, int>(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true
};
// Configure validation logic for passwords
manager.PasswordValidator = new PasswordValidator
{
RequiredLength = 6,
};
// Configure user lockout defaults
manager.UserLockoutEnabledByDefault = false;
manager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(5);
manager.MaxFailedAccessAttemptsBeforeLockout = 3;
// You can write your own provider and plug it in here.
return manager;
}
}
And maybe this is the most important part, the login controller:
var manager = HttpContext.GetOwinContext().GetUserManager<MyUserManager>();
//check for credentials before sign in ..
var result = manager.CheckPasswordAsync(vm.userName, vm.password, ref state);
if(result.Result)
{
FormsAuthentication.SetAuthCookie(vm.userName, vm.rememberMe);
return Redirect("~/");
}
Regards,
I'm writing custom implementation of IUserPasswordStore<Client> but I got FormatException during login process.
It seems like method GetPasswordHashAsync or someone who call this method calls Microsoft.AspNet.Identity.Crypto.VerifyHashedPassword(String hashedPassword, String password) which cause FormatException with message
Invalid length for a Base-64 char array or string.
Here is my implementation of IUserPasswordStore<Client>
public partial class ClientRepository : IUserStore<Client>, IUserPasswordStore<Client>, IUserLockoutStore<Client, string>
{
public Task CreateAsync(Client user)
{
return Task.Factory.StartNew(() => Create(user));
}
public Task UpdateAsync(Client user)
{
return Task.Factory.StartNew(() => Update(user));
}
public Task DeleteAsync(Client user)
{
return Task.Factory.StartNew(() => Delete(user));
}
public Task<Client> FindByIdAsync(string userId)
{
return Task.FromResult(Find(userId));
}
public Task<Client> FindByNameAsync(string userName)
{
return Task.FromResult(FetchOne(new ClientByUsername(userName)));
}
public Task SetPasswordHashAsync(Client user, string passwordHash)
{
return Task.Factory.StartNew(() => user.Password = passwordHash);
}
public Task<string> GetPasswordHashAsync(Client user)
{
return Task.FromResult(user.Password);
}
public Task<bool> HasPasswordAsync(Client user)
{
return Task.Factory.StartNew(() => !string.IsNullOrEmpty(user.Password));
}
public Task<DateTimeOffset> GetLockoutEndDateAsync(Client user)
{
return Task.FromResult<DateTimeOffset>(user.LockoutTo ?? DateTime.Now);
}
public Task SetLockoutEndDateAsync(Client user, DateTimeOffset lockoutEnd)
{
return Task.Factory.StartNew(() => user.LockoutTo = lockoutEnd.DateTime);
}
public Task<int> IncrementAccessFailedCountAsync(Client user)
{
return Task.FromResult(++user.LoginAttempts);
}
public Task ResetAccessFailedCountAsync(Client user)
{
return Task.Factory.StartNew(() => user.LoginAttempts = 0);
}
public Task<int> GetAccessFailedCountAsync(Client user)
{
return Task.Factory.StartNew(() => user.LoginAttempts);
}
public Task<bool> GetLockoutEnabledAsync(Client user)
{
return Task.FromResult(false);
}
public Task SetLockoutEnabledAsync(Client user, bool enabled)
{
return Task.FromResult(0);
}
public void Dispose()
{
database = null;
Manager = null;
context = null;
}
}
And my question: Where is called Microsoft.AspNet.Identity.Crypto.VerifyHashedPassword(String hashedPassword, String password) and what should I return in GetPasswordHashAsync?
For start I'm using password in plain text...
Edit: I thought, maybe I should provide some kind of hash service, so I add dummy implementation of IPasswordHasher for my purpose to use plain text
public class CustomPasswordHasher : IPasswordHasher
{
public string HashPassword(string password)
{
return password; //return password as is
}
public PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
{
if (hashedPassword.Equals(providedPassword))
{
return PasswordVerificationResult.Success;
}
return PasswordVerificationResult.Failed;
}
}
// and use it
public class ApplicationUserManager : UserManager<Client>
{
public ApplicationUserManager(IUserStore<Client> store, IPasswordHasher hasher)
: base(store)
{
// ...
PasswordHasher = hasher;
}
}
but breakpoints inside CustomPasswordHasher weren't hit, so propably I'm missing something...
Fixed. I was right with to use CustomPasswordHasher, but I had bug in Unity composition root. lol