How to create a security stamp value for asp.net i

2019-04-04 15:54发布

站内问答 / 移动开发
1559 3 5

In my MVC-5 application, I have to create security stamp values manually. The current implementation of the identity team seems to use a guid.

Guid.NewGuid().ToString("D")

Is it safe to create a new Guid myself to use as a new security stamp value or will this lead to problems in future implementations of asp.net identity?
Is there a method to let the identity framework create such a stamp-value for me so that my implementation is safe for future changes?

3条回答
劫难
2楼-- · 2019-04-04 16:04

ASP.NET Identity UserManager provides method UpdateSecurityStampAsync(string userId)which will automatically update users security-stamp. So that next time validateInterval ends user will be automatically logged-out and forced to sign.in again.

UserManager.UpdateSecurityStampAsync(userId);
查看更多
0人赞 添加讨论(0) 举报
smile是对你的礼貌
3楼-- · 2019-04-04 16:12

Out of the documentation of the identity implementation for the entity-framework, it seems that it can be any random value:

IdentityUser.SecurityStamp Property

A guid seems therefore fine and the following code should be reliable also with future versions of asp.net identity.

Guid.NewGuid().ToString("D")
查看更多
0人赞 添加讨论(0) 举报
霸刀☆藐视天下
4楼-- · 2019-04-04 16:18

a bit late to the party, but these seem to work just fine:

        await _userManager.UpdateSecurityStampAsync(user);
        await _userManager.UpdateNormalizedEmailAsync(user);
        await _userManager.UpdateNormalizedUserNameAsync(user);
        await _userManager.SetLockoutEnabledAsync(user, true);
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)