How to implement machineKey in ASP.NET Core 2.0

后端 未结 4 549
傲寒
傲寒 2020-12-03 16:50

In ASP.NET (not core) I would normally add a machineKey to the web.config so that I could perform some functions on a local machine instead of the server so that database/ca

相关标签:
4条回答
  • 2020-12-03 17:28

    You can find good examples at https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/implementation/key-storage-providers?view=aspnetcore-2.2&tabs=visual-studio

    I used my database context to persist the keys across multiple instances.

    DbContext.cs

    public class MyContext : IDataProtectionKeyContext
    {
      ...
      // This maps to the table that stores keys.
      public DbSet<DataProtectionKey> DataProtectionKeys { get; set; }
    }
    

    Startup.cs

    public void ConfigureServices(IServiceCollection services)
    {
      ...
      services.AddDataProtection().PersistKeysToDbContext<MyContext>();
    }
    
    0 讨论(0)
  • 2020-12-03 17:34

    For legacy purposes where you want to build out your ASP.NET Core applications based on some classic ASP.NET application that is responsible for generating the authentication cookies, there is an open source library available that enables you to consume these legacy cookies into your ASP.NET Core application. The developers have used the .NET Framework reference implementation to build their own Machinekey based encryption/decryption logic. See https://github.com/synercoder/FormsAuthentication

    0 讨论(0)
  • 2020-12-03 17:42

    You need to use DataProtection APis now:

    The ASP.NET Core data protection stack provide a simple, easy to use cryptographic API a developer can use to protect data, including key management and rotation.

    Samples could be found in official DataProtection repo.

    The same approach, by the way, works with ASP.NET: Replacing <machineKey> in ASP.NET


    The data protection system is built upon two core concepts - a data protection provider (represented by the IDataProtectionProvider interface), which is used to create a data protector (represented by the IDataProtector interface) by CreateProtector method. The data protector is used to encrypt and decrypt data.

    To register IDataProtectionProvider into DI use .AddDataProtection method:

    public void ConfigureServices(IServiceCollection services)
    {
        // Adds data protection services
        services.AddDataProtection();
        ...
    }
    
    0 讨论(0)
  • 2020-12-03 17:53

    in asp.net Core you should set Data Protection system.

    for more information read this answer.

    0 讨论(0)
提交回复
热议问题