public void Config()
{
CarrotSecurityConfig config = CarrotSecurityConfig.GetConfig();
// Configure validation logic for usernames
this.UserValidator = new UserValidator <ApplicationUser>(this)
{
AllowOnlyAlphanumericUserNames = config.UserValidator.AllowOnlyAlphanumericUserNames,
RequireUniqueEmail = config.UserValidator.RequireUniqueEmail
};
// Configure validation logic for passwords
this.PasswordValidator = new PasswordValidator {
RequiredLength = config.PasswordValidator.RequiredLength,
RequireNonLetterOrDigit = config.PasswordValidator.RequireNonLetterOrDigit,
RequireDigit = config.PasswordValidator.RequireDigit,
RequireLowercase = config.PasswordValidator.RequireLowercase,
RequireUppercase = config.PasswordValidator.RequireUppercase,
};
// Configure user lockout defaults
this.UserLockoutEnabledByDefault = config.AdditionalSettings.UserLockoutEnabledByDefault;
this.MaxFailedAccessAttemptsBeforeLockout = config.AdditionalSettings.MaxFailedAccessAttemptsBeforeLockout;
this.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(config.AdditionalSettings.DefaultAccountLockoutTimeSpan);
// Register two factor authentication providers. This application uses Phone and Emails as a step of receiving a code for verifying the user
// You can write your own provider and plug it in here.
this.RegisterTwoFactorProvider("Phone Code", new PhoneNumberTokenProvider <ApplicationUser> {
MessageFormat = "Your security code is {0}"
});
this.RegisterTwoFactorProvider("Email Code", new EmailTokenProvider <ApplicationUser> {
Subject = "Security Code",
BodyFormat = "Your security code is {0}"
});
this.EmailService = new EmailService();
this.SmsService = new SmsService();
var provider = new DpapiDataProtectionProvider(config.AdditionalSettings.DataProtectionProviderAppName);
if (provider != null)
{
this.UserTokenProvider = new DataProtectorTokenProvider <ApplicationUser>(provider.Create("UserToken"))
{
TokenLifespan = TimeSpan.FromDays(7)
};
}
}