I would like to have separate password complexity settings for the host vs tenants, namely I want the host to have a high complexity (with maybe 2FA) but the tenants would have the default password complexity, which is not as high.
Currently in the framework, if the host sets a high complexity, then every tenant also has a high complexity unless the tenant changes it.
2 Answer(s)
-
0
You can change the default settings when creating a tenant. This way the host and tenant settings will not be affected.
-
0
hi,
you can set password complexity for a specific tenant ;
these settings are used for password complexity. so you can insert these settings into AbpSettings database table with tenantId and even with userId. this will allow you to force the corresponding tenant to have a specific password complexity.
public const string RequiredLength = "Abp.Zero.UserManagement.PasswordComplexity.RequiredLength"; public const string RequireNonAlphanumeric = "Abp.Zero.UserManagement.PasswordComplexity.RequireNonAlphanumeric"; public const string RequireLowercase = "Abp.Zero.UserManagement.PasswordComplexity.RequireLowercase"; public const string RequireUppercase = "Abp.Zero.UserManagement.PasswordComplexity.RequireUppercase"; public const string RequireDigit = "Abp.Zero.UserManagement.PasswordComplexity.RequireDigit";See <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero-core/blob/dev/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Core/Security/PasswordComplexitySettingStore.cs#L17">https://github.com/aspnetzero/aspnet-ze ... ore.cs#L17</a>
or you can completely return new password complexity definitions for your custom condition, modifying the below line <a class="postlink" href="https://github.com/aspnetzero/aspnet-zero-core/blob/68405ccfdbbdce45032e74beac814139e1200824/aspnet-core/src/MyCompanyName.AbpZeroTemplate.Web.Mvc/Areas/AppAreaName/Controllers/TenantsController.cs#L69">https://github.com/aspnetzero/aspnet-ze ... ler.cs#L69</a>
