Mongo db sha 1 到 sha256 [英] Mongo db sha 1 to sha256
问题描述
我想将我的身份验证从 sha-1 移到 sha 256,但是,即使我创建了一个散列器,我也收到一个错误,指出它无法使用 sha1 进行身份验证.代码中没有提到这个旧机制,我已经在我的 mongo DB 中创建了一个 sha256 用户.这意味着它以某种方式默认为旧版本.查看代码,我收到警告,指出 MongoClientSettings 已过时,但浏览网页时我看不到替代方法,除非我打算使用连接字符串?mongo 客户端的文档仍然接受构造函数中的 mongoClientSettings 吗?我使用的是 MongoDB 4.10 版和 mongocsharpdriver 2.10
I would like to move my authentication over from sha-1 to sha 256, however, even though I've created a hasher I get an error stating that its unable to authenticate using sha1. There is no reference in the code to this old mechanism and I've already created a sha256 user in my mongo DB. Which means it is being defaulted to the old version somehow. Looking at the code I get warnings stating that MongoClientSettings is obsolete but browsing the web I don't see an alternative unless I'm meant to be using a connection string instead? The documentation for mongo client still accepts a mongoClientSettings in the constructor? Im using MongoDB version 4.10 and mongocsharpdriver 2.10
public static MongoClientSettings PrepareMongoSettings(string dbName)
{
MongoClientSettings mongoSettings = new MongoClientSettings();
mongoSettings.Server = new MongoServerAddress(Host, Port);
mongoSettings.ConnectionMode = 0;
if (!string.IsNullOrWhiteSpace(MongoUsername))
{
List<MongoCredential> mongoCredentials = new List<MongoCredential>();
MongoCredential mongoCred = MongoCredential.CreateCredential("admin", MongoUsername, MongoPassword);
mongoCredentials.Add(mongoCred);
mongoSettings.Credentials = mongoCredentials;
}
return mongoSettings;
}
我创建的散列器非常基本,密码应该在输入数据库之前进行散列处理.
The hasher that I have created is pretty basic the password should get hashed for before this code it is entered into the DB.
public static class HasherSha256
{
public static byte[] GetPasswordHash(string username, string password)
{
// get salted byte[] buffer, containing username, password and some (constant) salt
byte[] buffer;
using (System.IO.MemoryStream stream = new MemoryStream())
using (System.IO.StreamWriter writer = new StreamWriter(stream))
{
writer.Write("MyDB");
writer.Write(username);
writer.Write(password);
writer.Flush();
buffer = stream.ToArray();
}
return ComputeSha256Hash(buffer);
}
static byte[] ComputeSha256Hash(byte[] rawData)
{
using (SHA256 sHA256 = SHA256.Create())
{
return sHA256.ComputeHash(rawData);
}
}
}
}
推荐答案
我没有看到任何说明 MongoClientSettings 已过时的文档.这是连接到 MongoDB 的一个非常有用的功能.在此处查看文档.Credentials 已被弃用,但替换为 Credential,后者只需要一个凭据......而不是数组.
I dont see any documentation that says MongoClientSettings is obsolete. It is very much an available feature for connecting to MongoDB. See Documentation here. Credentials was deprecated but replaced with Credential which takes only one credential.. not an array.
new MongoClientSettings()
{
ConnectionMode = ConnectionMode.ReplicaSet,
Credential = MongoCredential.CreateCredential("admin", Username, Password),
ReplicaSetName = "ReplicaSetName",
Servers = new List<MongoServerAddress>(){new MongoServerAddress("server", 27017), new MongoServerAddress("server2", 27017)}.ToArray(),
ApplicationName = "AppName",
}
这篇关于Mongo db sha 1 到 sha256的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
