当前位置: 文江博客话题详情

如何测试 ASP.NET 成员身份密码是否满足配置的复杂性要求?

发布于 2024-07-11 01:10:20 字数 515 浏览 7 评论 0原文

我有一个 ASP.NET 页面,允许管理员更改用户的密码。 由于管理员不知道用户的密码,因此我使用以下内容:

MembershipUser member = Membership.GetUser(_usernameTextBox.Text);
member.ChangePassword(member.ResetPassword(), _passNewTextBox.Text);

-- 如本 所以问题

如果新密码不满足 web.config 文件中配置的复杂性要求,则密码将被重置,但不会更改为所需的密码。 如果新密码不满足复杂性要求,则根本不应更改密码。

有没有一种简单的方法来测试新密码是否符合复杂性要求?

原文

I have a ASP.NET page which allows an administrator to change the password for a user. Since the administrator does not know the user's password, I am using the following:

MembershipUser member = Membership.GetUser(_usernameTextBox.Text);
member.ChangePassword(member.ResetPassword(), _passNewTextBox.Text);

-- as described by this SO question.

If the new password does not meet the complexity requirements which are configured in the web.config file, then the password will have been reset, but not changed to the desired one. If the new password does not meet complexity requirements, then the password should not change at all.

Is there an easy way to test the new password against the complexity requirements?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(6

回梦 2024-07-18 01:10:20
/// <summary>
/// Checks password complexity requirements for the actual membership provider
/// </summary>
/// <param name="password">password to check</param>
/// <returns>true if the password meets the req. complexity</returns>
static public bool CheckPasswordComplexity(string password)
{
    return CheckPasswordComplexity(Membership.Provider, password);
}


/// <summary>
/// Checks password complexity requirements for the given membership provider
/// </summary>
/// <param name="membershipProvider">membership provider</param>
/// <param name="password">password to check</param>
/// <returns>true if the password meets the req. complexity</returns>
static public bool CheckPasswordComplexity(MembershipProvider membershipProvider, string password)
{
    if (string.IsNullOrEmpty(password)) return false;
    if (password.Length < membershipProvider.MinRequiredPasswordLength) return false;
    int nonAlnumCount = 0;
    for (int i = 0; i < password.Length; i++)
    {
        if (!char.IsLetterOrDigit(password, i)) nonAlnumCount++;
    }
    if (nonAlnumCount < membershipProvider.MinRequiredNonAlphanumericCharacters) return false;
    if (!string.IsNullOrEmpty(membershipProvider.PasswordStrengthRegularExpression) &&
        !Regex.IsMatch(password, membershipProvider.PasswordStrengthRegularExpression))
    {
        return false;
    }
    return true;
}

/// <summary>
/// Checks password complexity requirements for the actual membership provider
/// </summary>
/// <param name="password">password to check</param>
/// <returns>true if the password meets the req. complexity</returns>
static public bool CheckPasswordComplexity(string password)
{
    return CheckPasswordComplexity(Membership.Provider, password);
}


/// <summary>
/// Checks password complexity requirements for the given membership provider
/// </summary>
/// <param name="membershipProvider">membership provider</param>
/// <param name="password">password to check</param>
/// <returns>true if the password meets the req. complexity</returns>
static public bool CheckPasswordComplexity(MembershipProvider membershipProvider, string password)
{
    if (string.IsNullOrEmpty(password)) return false;
    if (password.Length < membershipProvider.MinRequiredPasswordLength) return false;
    int nonAlnumCount = 0;
    for (int i = 0; i < password.Length; i++)
    {
        if (!char.IsLetterOrDigit(password, i)) nonAlnumCount++;
    }
    if (nonAlnumCount < membershipProvider.MinRequiredNonAlphanumericCharacters) return false;
    if (!string.IsNullOrEmpty(membershipProvider.PasswordStrengthRegularExpression) &&
        !Regex.IsMatch(password, membershipProvider.PasswordStrengthRegularExpression))
    {
        return false;
    }
    return true;
}
回复 原文
梅倚清风 2024-07-18 01:10:20

您可以使用以下属性来测试密码:

请注意,如果您尚未在 web.config 文件中配置,PasswordStrengthRegularExpression 属性将为空字符串。

有关正则表达式匹配的信息,请参阅 Regex.IsMatch(String)< 上的 MSDN 参考/a>

*感谢马特的有用评论。

You can use the following properties to test the password against:

Note that the PasswordStrengthRegularExpression property will be an empty string if you have not configured it in the web.config file.

For info on regular expression matching, see the MSDN reference on Regex.IsMatch(String)

*Thanks to Matt for the helpful comments.

回复 原文
枕梦 2024-07-18 01:10:20

我无权访问维基。

应该调整一行来修复一个小错误。

调整
if (nonAlnumCount < Membership.MinRequiredNonAlphanumericCharacters)
如下
if (nonAlnumCount

I don't have access to the wiki.

One line should be adjusted to fix a small bug.

modify
if (nonAlnumCount < Membership.MinRequiredNonAlphanumericCharacters)
as follows
if (nonAlnumCount < membershipProvider.MinRequiredNonAlphanumericCharacters)

回复 原文
一曲爱恨情仇 2024-07-18 01:10:20

基于Bamba的解决方案,我决定在会员提供者上做一个扩展方法(并减少代码:

    public static bool IsPasswordValid(this MembershipProvider membershipProvider, string password)
    {
        return (!string.IsNullOrEmpty(password) && // Password is not empty or null AND
            password.Length >= membershipProvider.MinRequiredPasswordLength && // Meets required length AND
            password.Count(c => !char.IsLetterOrDigit(c)) >= membershipProvider.MinRequiredNonAlphanumericCharacters && // Contains enough non-alphanumeric characters AND
            (string.IsNullOrEmpty(membershipProvider.PasswordStrengthRegularExpression) || // Either there is no RegEx requirement OR
                Regex.IsMatch(password, membershipProvider.PasswordStrengthRegularExpression))); // It matches the RegEx
    }

要使用它,您只需在需要的地方调用 Membership.Provider.IsPasswordValid(...)

Based on Bamba's solution, I decided to make an extension method on the membership provider (and reduced the code:

    public static bool IsPasswordValid(this MembershipProvider membershipProvider, string password)
    {
        return (!string.IsNullOrEmpty(password) && // Password is not empty or null AND
            password.Length >= membershipProvider.MinRequiredPasswordLength && // Meets required length AND
            password.Count(c => !char.IsLetterOrDigit(c)) >= membershipProvider.MinRequiredNonAlphanumericCharacters && // Contains enough non-alphanumeric characters AND
            (string.IsNullOrEmpty(membershipProvider.PasswordStrengthRegularExpression) || // Either there is no RegEx requirement OR
                Regex.IsMatch(password, membershipProvider.PasswordStrengthRegularExpression))); // It matches the RegEx
    }

To use it, you only have to call Membership.Provider.IsPasswordValid(...) wherever needed.

回复 原文
哆兒滾 2024-07-18 01:10:20

您可以使用正则表达式验证器来检查密码是否满足复杂性要求。

您还可以使用密码强度计控件。

You can use a Regular Expression Validator to check if the password meets the complexity requirements.

Also you can use an Pasword Strength Meter control.

回复 原文
往日 2024-07-18 01:10:20

这可能不是最简单的方法,但在页面上使用正则表达式验证器并使其符合密码要求。 这样,如果密码不正确,您甚至不必发回。

It may not be the easiest way, but use a regular expression validator on the page and make it match the password requirements. That way you don't even have to post back if the password isn't good.

回复 原文
~没有更多了~

关于作者

烟柳画桥

暂无简介

文章
评论
26 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

知足的幸福

文章 0 评论 0

我一向站在原地

文章 0 评论 0

慕烟庭风

文章 0 评论 0

秉忠贞之诚 守退让之实

文章 0 评论 0

小兔几

文章 0 评论 0

mb_3y7WUgWY

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文