生成PasswordHash和SecurityStamp [英] Generate a PasswordHash and SecurityStamp

问题描述

我有一个 Registration 表，新用户可以放入该表中.以后的过程将为该用户创建一个数据库，然后从注册表(电子邮件和名称)中的数据中插入一个ASP.NET身份用户记录.

I have a Registrations table which new users get put into. A later process creates a database for that user, and inserts an ASP.NET Identity User record from the data in the registration table (email & name).

我想扩展此范围，以便在注册时用户可以输入密码，然后将其设置在新数据库中.

I'd like to extend this so that at the point of registration, users can enter their password, which will then be set up in the new database.

要正确执行此操作，我相信我需要创建一个 SecurityStamp 值，然后使用该值加密密码以获得 PasswordHash .因此，我将这些值存储在注册表中，然后在设置好这些值后将其复制到用户的新数据库中，它们将能够使用其注册的密码登录.

To do this properly, I'd need to create a SecurityStamp value and then encrypt the password using that to get the PasswordHash, I believe. So then I would store these values in the registrations table, and then I could copy them into the user's new database when that is set up, and they would be able to log in with the password they registered.

我该怎么做-生成 SecurityStamp ，然后对密码进行哈希处理?

How would I do this - generate the SecurityStamp and then hash the password?

推荐答案

SecurityStamp 可以是随机的，不可重复的任何内容- Guid.NewGuid().ToString()做得很好.

SecurityStamp can be anything random, non-repeatable - Guid.NewGuid().ToString() does the job nicely.

对于密码哈希， UserManager 具有属性 PasswordHasher ，该属性为您执行密码哈希:

For password hashing UserManager has property PasswordHasher that does password hashing for you:

var userManager = new UserManager(context);
var passwordHash = userManager.PasswordHasher.HashPassword("mySecurePassword");

这篇关于生成PasswordHash和SecurityStamp的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！