8

What I'm trying to do is simply allow alphanumeric characters in the .NET MVC 6 / vNext registration process and every tutorial I've seen (ie Configure Microsoft.AspNet.Identity to allow email address as username) references UserManager.UserValidator, in which is now not available in the current framework.

I've seen this: UserValidator in Microsoft.AspNet.Identity vnext which looks to be the same issue as mine, but they've taken the UserNameValidationRegex property out of the framework since. Brilliant.

services.AddIdentity<ApplicationUser, IdentityRole>( o => { o.Password.RequireDigit = false; o.Password.RequireLowercase = false; o.Password.RequireUppercase = false; o.Password.RequireNonLetterOrDigit = false; o.Password.RequiredLength = 2; //o.User.AllowedUserNameCharacters here seems to be the only logical thing I can access }) .AddEntityFrameworkStores<ApplicationDbContext>() .AddDefaultTokenProviders();

I've found o.User.AllowedUserNameCharacters, but with there being no documentation that I've found on this I've no idea what format I have to set that in? Anyone out there that's in the same boat and worked this out?

Thanks in advance.

Improve this question

3 Answers 3

Reset to default
12

I took a look at the aspnet/Identity GitHub repository and did a search for the property you have found (AllowedUserNameCharacters). Here's what I've got.

From the UserOptions.cs class in the repo: [Link Here]

/// <summary> /// Gets or sets the list of allowed characters in the username used to validate user names. /// </summary> /// <value> /// The list of allowed characters in the username used to validate user names. /// </value> public string AllowedUserNameCharacters { get; set; } = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+";

So it would seem that you will need to set this property to be "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789" (i.e. remove the symbols from the end of the orginally set string. This should achieve what you want.

In terms of why this change was made, according to issue #558, they are trying to move away from regular expressions for increased security. Have a look here for the full details.

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Really appreciate you spending the time going through the Github repository and answering this one for me, I'm sure it's going to help a lot of others out in the future too. Thank you!
@ChrisDixon You're welcome sir. Glad it was useful :)
Just stumbled upon this answer. Seriously?! What about usernames containing e.g. cyrillic characters or umlauts or any other non ASCII UTF8-16 char?! Can this field be empty to skip the check at all?!
Okay, string.empty skips the check ... meh ... this all seems to be rather overcomplicated atm
The default value for this has been updated to include the + symbol. Issue tracker and source
2

As @DoubleVoid pointed out in the comments, you can use an empty string to allow any characters.

Improve this answer

Comments

0

In case you want special character in your email. Try code below

 services.Configure<IdentityOptions>(options = { options.User.AllowedUserNameCharacters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!#$%&'*+-/=?^_`{|}~.@"; });

Valid email address https://en.wikipedia.org/wiki/Email_address#Local-part

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.