asp net core(net core app 1.0)中替代System.Web.Security.Membership.GeneratePassword
Alternative to System.Web.Security.Membership.GeneratePassword in aspnetcore (netcoreapp1.0)
在AspNetCore (netcoreapp1.0)中是否有替代System.Web.Security.Membership.GeneratePassword的方法。
最简单的方法是只使用一个 Guid.NewGuid().ToString("n"),它的长度足以配得上一个密码,但它不是完全随机的。
这是一个 class/method,基于 Membership.GeneratePassword 的来源,它适用于 .NET Core:
public static class Password
{
private static readonly char[] Punctuations = "!@#$%^&*()_-+=[{]};:>|./?".ToCharArray();
public static string Generate(int length, int numberOfNonAlphanumericCharacters)
{
if (length < 1 || length > 128)
{
throw new ArgumentException(nameof(length));
}
if (numberOfNonAlphanumericCharacters > length || numberOfNonAlphanumericCharacters < 0)
{
throw new ArgumentException(nameof(numberOfNonAlphanumericCharacters));
}
using (var rng = RandomNumberGenerator.Create())
{
var byteBuffer = new byte[length];
rng.GetBytes(byteBuffer);
var count = 0;
var characterBuffer = new char[length];
for (var iter = 0; iter < length; iter++)
{
var i = byteBuffer[iter] % 87;
if (i < 10)
{
characterBuffer[iter] = (char)('0' + i);
}
else if (i < 36)
{
characterBuffer[iter] = (char)('A' + i - 10);
}
else if (i < 62)
{
characterBuffer[iter] = (char)('a' + i - 36);
}
else
{
characterBuffer[iter] = Punctuations[i - 62];
count++;
}
}
if (count >= numberOfNonAlphanumericCharacters)
{
return new string(characterBuffer);
}
int j;
var rand = new Random();
for (j = 0; j < numberOfNonAlphanumericCharacters - count; j++)
{
int k;
do
{
k = rand.Next(0, length);
}
while (!char.IsLetterOrDigit(characterBuffer[k]));
characterBuffer[k] = Punctuations[rand.Next(0, Punctuations.Length)];
}
return new string(characterBuffer);
}
}
}
我在 CrossSiteScriptingValidation.IsDangerousString 上省略了 do...while 循环。如果需要,您可以自己将其添加回去。
你这样使用它:
var password = Password.Generate(32, 12);
此外,请务必参考 System.Security.Cryptography.Algorithms。
在AspNetCore (netcoreapp1.0)中是否有替代System.Web.Security.Membership.GeneratePassword的方法。
最简单的方法是只使用一个 Guid.NewGuid().ToString("n"),它的长度足以配得上一个密码,但它不是完全随机的。
这是一个 class/method,基于 Membership.GeneratePassword 的来源,它适用于 .NET Core:
public static class Password
{
private static readonly char[] Punctuations = "!@#$%^&*()_-+=[{]};:>|./?".ToCharArray();
public static string Generate(int length, int numberOfNonAlphanumericCharacters)
{
if (length < 1 || length > 128)
{
throw new ArgumentException(nameof(length));
}
if (numberOfNonAlphanumericCharacters > length || numberOfNonAlphanumericCharacters < 0)
{
throw new ArgumentException(nameof(numberOfNonAlphanumericCharacters));
}
using (var rng = RandomNumberGenerator.Create())
{
var byteBuffer = new byte[length];
rng.GetBytes(byteBuffer);
var count = 0;
var characterBuffer = new char[length];
for (var iter = 0; iter < length; iter++)
{
var i = byteBuffer[iter] % 87;
if (i < 10)
{
characterBuffer[iter] = (char)('0' + i);
}
else if (i < 36)
{
characterBuffer[iter] = (char)('A' + i - 10);
}
else if (i < 62)
{
characterBuffer[iter] = (char)('a' + i - 36);
}
else
{
characterBuffer[iter] = Punctuations[i - 62];
count++;
}
}
if (count >= numberOfNonAlphanumericCharacters)
{
return new string(characterBuffer);
}
int j;
var rand = new Random();
for (j = 0; j < numberOfNonAlphanumericCharacters - count; j++)
{
int k;
do
{
k = rand.Next(0, length);
}
while (!char.IsLetterOrDigit(characterBuffer[k]));
characterBuffer[k] = Punctuations[rand.Next(0, Punctuations.Length)];
}
return new string(characterBuffer);
}
}
}
我在 CrossSiteScriptingValidation.IsDangerousString 上省略了 do...while 循环。如果需要,您可以自己将其添加回去。
你这样使用它:
var password = Password.Generate(32, 12);
此外,请务必参考 System.Security.Cryptography.Algorithms。