Open Closed

Save user Passwords as Plain Text on the database #3245


User avatar
0
oshabani created

If you're creating a bug/problem report, please include followings:

  • ABP Framework version: v5.2
  • UI type: / MVC
  • DB provider: EF Core
  • Tiered (MVC) or Identity Server Separated (Angular): no
  • Exception message and stack trace:
  • Steps to reproduce the issue:"

Salam ,

I need to have users password as a Palin Text , when the user register or update their passwords i want to save the passwords as Plain Text so when i want to migrate all users to different Identity Providers

thanks


5 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    hi

    You can custom the IPasswordHasher service. this belongs ASP NET Core Identitiy,

    https://github.com/dotnet/aspnetcore/blob/main/src/Identity/Extensions.Core/src/IPasswordHasher.cs

  • User Avatar
    0
    oshabani created

    hi

    my request is to save the password as plain text NOT hashed code

    how can we do this in ABP

    Thanks ! regards,

    Osama

  • User Avatar
    0
    maliming created
    Support Team

    string HashPassword(TUser user, string password);

    Override this method just return the password

    The Identity will use this interface to hash and verify passwords.

  • User Avatar
    0
    oshabani created

    hi where in the ABP , is there a clear way to do it , a walkthrough sample

    regards,

    Osama

  • User Avatar
    0
    maliming created
    Support Team
    public override void ConfigureServices(ServiceConfigurationContext context)
    {
        context.Services.Replace(ServiceDescriptor.Scoped<IPasswordHasher<IdentityUser>, MyPasswordHasher>());
    }
    
    using Microsoft.AspNetCore.Identity;
    using IdentityUser = Volo.Abp.Identity.IdentityUser;
    
    namespace MyCompanyName.MyProjectName;
    
    public class MyPasswordHasher : IPasswordHasher<IdentityUser>
    {
        public string HashPassword(IdentityUser user, string password)
        {
            return password;
        }
    
        public PasswordVerificationResult VerifyHashedPassword(IdentityUser user, string hashedPassword, string providedPassword)
        {
            return hashedPassword == providedPassword
                ? PasswordVerificationResult.Success
                : PasswordVerificationResult.Failed;
        }
    }
    
Made with ❤️ on ABP v9.1.0-rc.1. Updated on January 17, 2025, 14:13