我正在阅读有关Microsoft的用户身份并尝试将其应用于我的MVC5应用程序。
据我所知,Id是关键,而userName不是键,定义说它可以为null, 所以我问自己......为什么在MVC5项目模板中,当你输入一个已经存在的userName时,你会收到一条错误信息?
我试图达到userName验证,但我无法做到。
这是数据库定义:
CREATE TABLE [dbo].[AspNetUsers] (
[Id] NVARCHAR (128) NOT NULL,
[UserName] NVARCHAR (MAX) NULL,
这里是IdentityUser定义,通知(无验证):
namespace Microsoft.AspNet.Identity.EntityFramework
{
public class IdentityUser : IUser
{
public IdentityUser();
public IdentityUser(string userName);
public virtual ICollection<IdentityUserClaim> Claims { get; }
public virtual string Id { get; set; }
public virtual ICollection<IdentityUserLogin> Logins { get; }
public virtual string PasswordHash { get; set; }
public virtual ICollection<IdentityUserRole> Roles { get; }
public virtual string SecurityStamp { get; set; }
public virtual string UserName { get; set; }
}
}
在注册时,调用UserManager.CreateAsync方法,这里是定义:
public async Task<ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser() { UserName = model.UserName };
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await SignInAsync(user, isPersistent: false);
return RedirectToAction("Index", "Home");
}
else
{
AddErrors(result);
}
}
// If we got this far, something failed, redisplay form
return View(model);
}
这是关于CreateAsync的最后一件事:
public virtual Task<IdentityResult> CreateAsync(TUser user, string password);
我在代码中的任何地方都没有看到验证,但是它不允许您输入现有的userName。
我认为理解这是如何工作将改善我使用asp.net的Identity概念的经验,并将改进我的代码。
非常感谢任何指导
答案 0 :(得分:9)
这发生在IdentityDbContext&lt; TUser&gt;中,您的ApplicationDbContext可能继承自。它会覆盖DbContext的ValidateEntity方法来进行检查。请参阅此反编译代码:
protected override DbEntityValidationResult ValidateEntity(DbEntityEntry entityEntry, IDictionary<object, object> items)
{
if ((entityEntry != null) && (entityEntry.State == EntityState.Added))
{
TUser user = entityEntry.Entity as TUser;
if ((user != null) && this.Users.Any<TUser>(u => string.Equals(u.UserName, user.UserName)))
{
return new DbEntityValidationResult(entityEntry, new List<DbValidationError>()) { ValidationErrors = { new DbValidationError("User", string.Format(CultureInfo.CurrentCulture, IdentityResources.DuplicateUserName, new object[] { user.UserName })) } };
}
IdentityRole role = entityEntry.Entity as IdentityRole;
if ((role != null) && this.Roles.Any<IdentityRole>(r => string.Equals(r.Name, role.Name)))
{
return new DbEntityValidationResult(entityEntry, new List<DbValidationError>()) { ValidationErrors = { new DbValidationError("Role", string.Format(CultureInfo.CurrentCulture, IdentityResources.RoleAlreadyExists, new object[] { role.Name })) } };
}
}
return base.ValidateEntity(entityEntry, items);
}
如果您不想要这种行为,可以直接从DbContext继承。
答案 1 :(得分:3)
当我查看ASP.NET身份的示例(https://www.nuget.org/packages/Microsoft.AspNet.Identity.Samples)时,我注意到他们使用的UserValidator默认设置为RequireUniqueEmail = true;
该示例使用以下代码将RequireUniqueEmail属性设置为true。
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
var manager = new ApplicationUserManager(new UserStore<ApplicationUser>(context.Get<ApplicationDbContext>()));
// Configure validation logic for usernames
manager.UserValidator = new UserValidator<ApplicationUser>(manager)
{
AllowOnlyAlphanumericUserNames = false,
RequireUniqueEmail = true
};
return manager;
}
也许这就是您的MVC应用程序中用户名是唯一的原因。 尝试将属性设置为false!?