如何authencticate与输入密码值的加密密码? [英] How to authencticate the encrypt password with input password value?
问题描述
在这里,我们所说的从移动应用的WebAPI服务来验证数据库中的用户ID和加密密码。
因此,要验证我加密输入密码后比较数据库的密码?
另外一个问题:它正确我在做什么?
或者是一个更好的方式来解密数据库的密码值和输入值检查。如果第二种方式是更好的,我该怎么办呢?
下面是我的code:
使用(LoginServiceEntities上下文=新LoginServiceEntities())
{
VAR加密=新SimpleCrypto.PBKDF2();
变种encrypass = crypto.Compute(密码);
VAR用户=(从u在context.user_master
那里的String.Compare(u.UserID,用户名,StringComparison.OrdinalIgnoreCase)== 0
&功放;&安培; u.Password == encrypass
选择U).FirstOrDefault(); 返回用户!= NULL;
}
密码数据库不应该被解密。
你正在做什么是正确的。只是在数据库与加密输入比较的加密密码
Here we call webapi service from mobile application to authenticate the userid and encrypted password in database. So to authenticate I encrypt the input password and compare with database password?
Another question: Is it correct what I am doing? Or is it a better way to decrypt the database password value and check with input value. If second way is better, how can I do that?
Below is my code:
using (LoginServiceEntities context = new LoginServiceEntities())
{
var crypto = new SimpleCrypto.PBKDF2();
var encrypass = crypto.Compute(Password);
var user = (from u in context.user_master
where String.Compare(u.UserID, UserID, StringComparison.OrdinalIgnoreCase) == 0
&& u.Password== encrypass
select u).FirstOrDefault();
return user != null;
}
Password in database should not be decrypted. What you are doing is correct. Just compare the encrypted password in database with the encrypted input
这篇关于如何authencticate与输入密码值的加密密码?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!