SQL创建.Net成员资格提供程序用户 [英] SQL to create .Net Membership Provider users
问题描述
我有一个SQL脚本,可以在数据库中创建用户. 它使用.Net成员身份存储的proc.
I have a SQL script that creates users in in my database. It uses the .Net membership stored procs.
目前,它工作正常.
唯一的问题是密码是保存的明文.在这里我应该更改为 salted/encrypted (不确定在这里使用什么术语)
The only issue is that the passwords are saved clear text. What should I change here to they are salted/encrypted (Not sure what term to use here)
GO
DECLARE @return_value int,
@UserId uniqueidentifier
EXEC @return_value = [dbo].[aspnet_Membership_CreateUser]
@ApplicationName = N'Theater',
@UserName = N'sam.sosa',
@Password = N'mypassword',
@PasswordSalt = N'eyhKDP858wdrYHbBmFoQ6DXzFE1FB+RDP4ULrpoZXt6f',
@Email = N'sam@Simple.com',
@PasswordQuestion = N'Whats your favorite color',
@PasswordAnswer = N'Fusia',
@IsApproved = 1,
@CurrentTimeUtc = '2010-03-03',
@CreateDate = '2010-03-03',
@UniqueEmail = 1,
@PasswordFormat = 0,
@UserId = @UserId OUTPUT
SELECT @UserId as N'@UserId'
SELECT 'Return Value' = @return_value
GO
谢谢!
推荐答案
对于哈希"密码存储模式,它只是简单地计算:
Under the hood it looks like for the "Hashed" password storage mode, it simply calculates:
SHA1(盐+密码)
SHA1(Salt + Password)
Salt以Base64编码存储,因此在与(Unicode)密码连接之前必须先对其进行解码.最后,对结果进行Base64编码以进行存储.
The Salt is stored Base64 encoded, so it must be decoded prior to being concatenated with the (Unicode) password. Finally, the result is Base64 encoded for storage.
以下(可怕的)SQL将输出适当编码的值,该值可以替换您当前拥有的"mypassword".您还必须将@PasswordFormat设置为1,以指示密码是散列存储的.
The following (horrible) SQL will output a suitably encoded value which can be substituted in place of the "mypassword" that you currently have. You must also set @PasswordFormat to 1 to indicate that the password is stored hashed.
declare @salt nvarchar(128)
declare @password varbinary(256)
declare @input varbinary(512)
declare @hash varchar(64)
-- Change these values (@salt should be Base64 encoded)
set @salt = N'eyhKDP858wdrYHbBmFoQ6DXzFE1FB+RDP4ULrpoZXt6f'
set @password = convert(varbinary(256),N'mypassword')
set @input = hashbytes('sha1',cast('' as xml).value('xs:base64Binary(sql:variable(''@salt''))','varbinary(256)') + @password)
set @hash = cast('' as xml).value('xs:base64Binary(xs:hexBinary(sql:variable(''@input'')))','varchar(64)')
-- @hash now contains a suitable password hash
-- Now create the user using the value of @salt as the salt, and the value of @hash as the password (with the @PasswordFormat set to 1)
DECLARE @return_value int,
@UserId uniqueidentifier
EXEC @return_value = [dbo].[aspnet_Membership_CreateUser]
@ApplicationName = N'Theater',
@UserName = N'sam.sosa',
@Password = @hash,
@PasswordSalt = @salt,
@Email = N'sam@Simple.com',
@PasswordQuestion = N'Whats your favorite color',
@PasswordAnswer = N'Fusia',
@IsApproved = 1,
@CurrentTimeUtc = '2010-03-03',
@CreateDate = '2010-03-03',
@UniqueEmail = 1,
@PasswordFormat = 1,
@UserId = @UserId OUTPUT
SELECT @UserId as N'@UserId'
SELECT 'Return Value' = @return_value
这篇关于SQL创建.Net成员资格提供程序用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!