
Facilities IdentityStore Prius

NuGet package: Owin.Framework.Facilities.IdentityStore.Prius
GitHub source: OwinFramework.Facilities.IdentityStore.Prius


An implementation of the IIdentityStore facility that persists user account and login information using the Prius ORM.

The authorization repository readme file contains documentation on the key concepts around authorization in the Owin Framework. It is strongly recommended that you read it before using this assembly.

This package provides an implementation of the following interfaces:

  • IIdentityStore provides a persistence mechanism for agents that can identify themselves to the system. This includes username/password combinations, shared secrets, certificates and OAuth tokens.
  • IIdentityDirectory provides a way for administrators to search for an identity so that they can assign permissions. For example you might want to search your Active Directory for users. In the case of this implementation it searches the SQL database that was populated by calls to the IIdentityStore interface.
  • IPasswordHasher provides a versioned password hashing algorithm. When users update their password, it is hashed with the latest version. When users log in, their password is validated with the version of the hashing algorithm that was used to store it.

To make these implementations available to other packages that need these interfaces, you just need to add the NuGet package to the project. That's it; there is nothing else to do.

You can override these interface implementations individually within your application by adding your application assembly to Ioc Modules explicitly after probing the bin folder. For example, you might want to override just the password hasher but use the other implementations from this assembly.

This package persists identity data using the Prius ORM. You will need to create a database and configure Prius within your application for this to work. The source code for this project includes an SqlScripts folder containing the SQL scripts you need to create the database.
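The versioned hashing behaviour described for IPasswordHasher, sketched as an added example that is not this package's code: the record stores the scheme version next to the salt and hash, new passwords always use the latest version, and login verifies with the stored version. The type and member names, the use of PBKDF2-SHA256 and the iteration counts are assumptions made for illustration; it assumes .NET Framework 4.7.2 or later.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;

// Hypothetical record: what must be persisted for each password.
public sealed class StoredPassword
{
    public int Version;
    public byte[] Salt;
    public byte[] Digest;
}

// Hypothetical hasher; not the signature of the package's IPasswordHasher.
public static class VersionedHasher
{
    public const int LatestVersion = 2;

    // One entry per scheme version. Old entries are never removed, so
    // passwords stored under them still verify. Counts are constructed values.
    private static readonly Dictionary<int, int> Iterations =
        new Dictionary<int, int> { { 1, 10000 }, { 2, 210000 } };

    private static byte[] Derive(int iterations, string password, byte[] salt)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, iterations, HashAlgorithmName.SHA256))
            return kdf.GetBytes(32);
    }

    // Password set or changed: always hash with the latest version.
    public static StoredPassword HashNew(string password)
    {
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        int iterations = Iterations[LatestVersion];
        return new StoredPassword { Version = LatestVersion, Salt = salt, Digest = Derive(iterations, password, salt) };
    }

    // Login: verify with the version recorded when the password was stored.
    public static bool Verify(string password, StoredPassword stored)
    {
        // Unknown version: fail closed instead of guessing a scheme.
        if (!Iterations.TryGetValue(stored.Version, out int iterations)) return false;
        byte[] candidate = Derive(iterations, password, stored.Salt);
        // Compare without exiting early on the first differing byte.
        int diff = candidate.Length ^ stored.Digest.Length;
        for (int i = 0; i < candidate.Length && i < stored.Digest.Length; i++)
            diff |= candidate[i] ^ stored.Digest[i];
        return diff == 0;
    }
}
```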

Default Configuration

The configuration below is the configuration you will get by default if you do not provide a configuration for this package.

{
   "owinFramework": {
      "facility": {
         "identityStore.Prius": {
            "priusRepositoryName": "IdentityStore",
            "identityUrnNamespace": "identity",
            "mixedCaseTokens": false,
            "mixedCaseIdentity": false,
            "mixedCaseSharedSecret": true,
            "minimumUserNameLength": 3,
            "maximumUserNameLength": 80,
            "userNameRegex": "^[a-zA-Z0-9@_.-]*$",
            "minimumPasswordLength": 8,
            "maximumPasswordLength": 160,
            "passwordRegex": ".*",
            "failedLoginsToLock": 5,
            "lockDuration": "04:00:00",
            "rememberMeFor": "90d"
         }
      }
   }
}

Configuration notes

  • Mixed case identifiers are slightly shorter but you must ensure that the casing is preserved throughout the rest of your code. All lower case identifiers are only slightly longer.
  • The identityUrnNamespace will be used to construct URNs that uniquely identify identities. The default value of "identity" means that URNs will be similar to "urn:identity:abc123".