我嘗試用戶登錄/注冊模板,當我注冊用戶時,我像這樣進行散列
public class HashingHelper
{
public static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
{
using (var hmac = new System.Security.Cryptography.HMACSHA512())
{
passwordSalt = hmac.Key;
passwordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
}
}
public static bool VerifyPasswordHash(string password, byte[] passwordHash, byte[] passwordSalt)
{
using (var hmac = new System.Security.Cryptography.HMACSHA512(passwordSalt))
{
var computedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
for (int i = 0; i < computedHash.Length; i )
{
if (computedHash[i] != passwordHash[i])
{
return false;
}
}
return true;
}
public class AccessToken
{
public string Token { get; set; }
public DateTime Expiration { get; set; }
}
public interface ITokenHelper
{
AccessToken CreateToken(User user, List<OperationClaim> operationClaims);
}
public JwtHelper(IConfiguration configuration)
{
Configuration = configuration;
_tokenOptions = Configuration.GetSection("TokenOptions").Get<TokenOptions>();
}
public AccessToken CreateToken(User user, List<OperationClaim> operationClaims)
{
_accessTokenExpiration = DateTime.Now.AddMinutes(_tokenOptions.AccessTokenExpiration);
var securityKey = SecurityKeyHelper.CreateSecurityKey(_tokenOptions.SecurityKey);
var signingCredentials = SigningCredentialsHelper.CreateSigningCredentials(securityKey);
var jwt = CreateJwtSecurityToken(_tokenOptions, user, signingCredentials, operationClaims);
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
var token = jwtSecurityTokenHandler.WriteToken(jwt);
return new AccessToken
{
Token = token,
Expiration = _accessTokenExpiration
};
}
public JwtSecurityToken CreateJwtSecurityToken(TokenOptions tokenOptions, User user,
SigningCredentials signingCredentials, List<OperationClaim> operationClaims)
{
var jwt = new JwtSecurityToken(
issuer: tokenOptions.Issuer,
audience: tokenOptions.Audience,
expires: _accessTokenExpiration,
notBefore: DateTime.Now,
claims: SetClaims(user, operationClaims),
signingCredentials: signingCredentials
);
return jwt;
}
代碼做散列并給我這個結果
0x3BD49472981C07E354B156A9DBD11F507DFFEE40A353CD732ABED6E14035C36C31E93E8888E1E657B77B41B35E883CD5F8920DDDB3F87D1F85AFFA3E2BD1015E
它會毫無問題,但是當我嘗試登錄用戶
時我不能,因為當我在本地 sql 資料庫中看到時,我看到代碼添加了零號
0x3BD49472981C07E354B156A9DBD11F507DFFEE40A353CD732ABED6E14035C36C31E93E8888E1E657B77B41B35E883CD5F8920DDDB3F87D1F85AFFA3E2BD1015E00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
當我檢查我的代碼時,我沒有發現任何錯誤,所以我該怎么辦
uj5u.com熱心網友回復:
如果是 mssql,請使用 varbinary(500) 而不是 binary(500)
https://www.tektutorialshub.com/sql-server/binary-and-varbinary-data-types-in-sql-server/
轉載請註明出處,本文鏈接:https://www.uj5u.com/caozuo/472748.html