asp.net "Remember Me" cookie -
I have applied while I remember using this option in my asp.net webform, Am I doing this correctly? Any suggestions .. I am using windows authentication and i
protected void LBtnSubmit_Click (object sender, EventArgs e) {if (this.ChkRememberme = null & amp ;! & amp; this.ChkRememberme.Checked == true) {HttpCookie cookie = new HttpCookie (TxtUserName.Text, TxtPassword .Text); Cookie.Expires.AddYears (1); Response.Cookies.Add (cookie); }}
asp.net not using subscription
I ..
but directly, username and storing passwords cookie hash of the username and password and cookie from a salt store, then when you authenticate cookies, the user name, Make a hash with password retrieved password and same salt for re Compare all of them.
Creating a hash is simple as computing, converting passwords and salt values together into one string, converting a byte array string. When using byte array of hash (MD5 or whatever you prefer) and convert the hash result of a string (probably base through 64 encoding)
Here is some example code:
// Create a hash of given passwords and salt. Get a byte array with public string CreateHash (string password, string salt) {// Combined password + salt string authDetails = password + salt; Byte [] authBytes = System.Text.Encoding.ASCII.GetBytes (authDetails); Use the MD5 to calculate the hash of the // byte array, and return the hash as a // base 64-encoded string. Var md5 = new system Security. Cryptography MD5 Crypto Service Provider (); Byte [] hashedBytes = md5.ComputeHash (authBytes); String hash = convert.ToBase64String (hashedBytes); Return hash; } // Check to see if the given password and salt hash are for the same value / as the given hash is public bool isMatchingHash (string password, string salt, string hash) {// given Repeat the hash from the athlete details and compare it with the hash provided by the cook. Create Return (Password, Salt) == Hash; } // Create an authentication cookie that stores a hash / / and salt of usernames and passwords. Set on a hash of public HttpCookie CreateAuthCookie (string username, string password, create a string salt) {// cookie and its value username and // password and salt. Use a pipe character as a delimiter so that we can separate these two elements later. HTTP cookie cookie = new HTTPQQ ("YourSiteCookieNameHere"); Cookie.value = Username + "|" + Happiness (password, salt); Return Cookie; } // Determine whether the given authentication cookie // should remove usernames, retrieve saved passwords, re-combine its hash, and compare the hash to see if they match. If they match, then this authentication cookie is valid. Public Bowl IsValidAuthCookie (Http Cookie Cookie, String Salt) {// Split Cookie Price by Pipe Limiter String [] Price = Cookie. Value Split ('|'); If (values.Length! = 2) false return; // Recover usernames and hash from split values String user name = value [0]; String hash = value [1]; // You must provide your GetPasswordForUser function String Password = GetPasswordForUser (username); // Check the password and salt against the hash. Returns Ischeckinghash (password, salt, hash); }
Comments
Post a Comment