asp.net core mvc password validators

Question

What is the easy way to customize password validation rules in asp.net core MVC? The problem is exactly like someone had here How To Change Password Validation in ASP.Net MVC Identity 2? the only difference is that I'm using asp.net CORE MVC (latest build) with Visual Studio 2015. I'd like to remove all password validation rules. There is no ApplicationUserManager class in the project, also I'm not sure if it's possible to customize UserManager validation rules in the Startup.cs file.

Answer 1

public void ConfigureServices(IServiceCollection services)
{
     services.AddIdentity<ApplicationUser, IdentityRole>(options =>
            {
                options.Password.RequireDigit = true;
                options.Password.RequireLowercase = true;
                options.Password.RequireNonAlphanumeric = true;
                options.Password.RequireUppercase = true;
                options.Password.RequiredLength = 6;
                options.User.AllowedUserNameCharacters = null;
            })
            .AddEntityFrameworkStores<ApplicationDbContext>()
            .AddDefaultTokenProviders();
}

Note: You should also change your new settings in RegisterViewModel.Password, ResetPasswordViewModel.Password, ChangePasswordViewModel.NewPassword and SetPasswordViewModel.NewPassword. to enable the new validation on front end.

Answer 2

If you want simply disable some password restrictions (RequireLowercase, RequiredLength etc) - configure IdentityOptions.Password in Startup, like this:

services.Configure<IdentityOptions>(o =>
{
    o.Password.RequiredLength = 12;
});

If you want completely change password validation logic - implement IPasswordValidator and register it in Startup.

Answer 3

Also you can use a public class to customize your errors messages. Like this:

public class CustomIdentityErrorDescriber : IdentityErrorDescriber
{
    public override IdentityError PasswordRequiresDigit()
    {
        return new IdentityError
        {
            Code = nameof(PasswordRequiresDigit),
            Description = "Your personal describe error message here."
        };
    }

}

In your Statup.cs, in ConfigureService add:

public void ConfigureServices(IServiceCollection services)
{
    services.AddIdentity<ApplicationUser, IdentityRole>()
            .AddEntityFrameworkStores<IdentityContext>()
            .AddErrorDescriber<CustomIdentityErrorDescriber>()
            .AddDefaultTokenProviders();

     //...
}