asp.net core mvc - Add admin page without full fledged user management -

-

i building rather simple site asp.net core mvc 2.0 more or less image gallery, me. not using database far. json file metadata , image files itself.

now site supposed hidden admin page (and i) can upload new pictures.

what simple still secure way add admin page without having introduce full fledged user management site? i'd avoid add database , entity framework etc. site - there 1 user.

in other words, secure , simple way add user management there 1 user authenticates: me, admin.

store hashed version of desired username/password in appsettings.json , rehash values provided through login screen , compare them.

here's example of how logging in accomplished. bootstraps off of default hasher present in asp.net identity use hashing function.

you might want create other helpers in case want reset hashed password application versus having go settings file.

appsettings.json

{     ...     "logincredentials": {         "usernamehash": "aqaaaaeaaccqaaaaenmv+rilvttia5wafxxzex4rmsmxwvzg00q4jzkbi7lx/oe2pfdqw1r521hbsl567g==",         "passwordhash": "aqaaaaeaaccqaaaaekwwppiixeqm9qo7hoxcoxxgivhks9qhrz1k0laz3novwid2lv+i+dwc9oheqdgfba=="     } }

startup.cs

 public void configureservices(iservicecollection services)  {     //assuming services.addidentity<...>(...) not added service     services.configure<logincredentialoptions>(configuration.getsection("logincredentials"));     services.addtransient<ipasswordhasher<user>, passwordhasher<user>>();     ...  }

logincredentialoptions.cs

public class logincredentialoptions {     public string usernamehash { get; set; }      public string passwordhash { get; set; } }

accountcontroller.cs

... public async task<iactionresult> login([fromservices] ioptions<logincredentialoptions> logincreds, loginviewmodel model, string returnurl = null) {     if (modelstate.isvalid)     {         var passwordresult = passwordhasher.verifyhashedpassword(null, logincreds.value.passwordhash, model.password);         var usernameresult = passwordhasher.verifyhashedpassword(null, logincreds.value.usernamehash, model.username);          if (passwordresult == passwordverificationresult.success &&             usernameresult == passwordverificationresult.success)         {             //create identity cookie , sign in              redirecttoaction(nameof(index), "home");         }     }      // if got far, failed, redisplay form     return view(model); }

Comments

Post a Comment

Popular posts from this blog

ios - MKAnnotationView layer is not of expected type: MKLayer -

-
Image
so code works fine logger riddled message. there way rid of or suppress it? postannotation.swift class postannotation: mkpointannotation { //mark: properties let post: post //mark: initialization init(post: post) { self.post = post super.init() self.coordinate = cllocationcoordinate2d(latitude: post.latitude, longitude: post.longitude) self.title = post.title self.subtitle = post.timestring() } } adding annotation let annotation = postannotation(post: post) self.map.addannotation(annotation) func mapview func mapview(_ mapview: mkmapview, viewfor annotation: mkannotation) -> mkannotationview? { if annotation mkuserlocation { return nil } var annotationview = mapview.dequeuereusableannotationview(withidentifier: "pin") as? mkpinannotationview if annotationview == nil { annotationview = mkpinannotationview(annotation: annotation, reuseidentifier: "pin")
Read more

ZeroMQ on Windows, with Qt Creator -

-
i have installed zmq link given below on windows 7. http://zeromq.org/distro:microsoft-windows 1) have c++ project in qt-creator , i'm using zmq c++ binding (zhelpers.hpp etc). 2) have added .lib installed zmq folder qtcreator 3) while compiling, compiler looks _imp__zmq_verion, in .dll files present in .lib have __imp_zmq_version. 4) causing undefined reference zmq_version. anyone else faced problem , has solution ?
Read more

unity3d - Unity SceneManager.LoadScene quits application -

-
i have 2 different scenes 1 named 'main' , other 'game' both added scenes in load. when use scenemanager.loadscene("game"); works no problem when tried return main scene code if (input.getkeydown (keycode.escape)) { scenemanager.loadscene("main"); } strangely game quits. thanks. sorry interruption. somewhere on other script found code. if (input.getkeydown (keycode.escape)) { application.quit (); } that's bad, know...
Read more