我有一个使用 Identity 的 ASP.NET 项目.对于有关密码的身份配置，正在使用 PasswordValidator.如何在 PasswordValidator 当前(RequiredLength、RequiredDigit 等)之外扩展密码的执行，以满足要求输入密码的要求N 天后过期?

I have a ASP.NET project using Identity. For Identity Configuration regarding passwords, the PasswordValidator is being used. How do I expand the enforcement of password beyond what PasswordValidator has currently (RequiredLength, RequiredDigit, etc.) to satisfy a requirement that asks for password expiration after N days?

推荐答案

ASP.NET Identity 2 中没有内置这样的功能.最简单的方法是在用户上添加一个字段，例如 LastPasswordChangedDate.然后在每次授权时检查这个字段.

There is no such functionality builtin ASP.NET Identity 2. Easiest is to add a field on the user like LastPasswordChangedDate. And then check this field during each Authorization.

public class ApplicationOAuthProvider : OAuthAuthorizationServerProvider
{
    public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
    {
        var user = await GetUser(context.UserName, context.Password);
        if(user.LastPasswordChangedDate.AddDays(20) < DateTime.Now)
           // user needs to change password

    }
}