时间戳

首页 > 解决方案 > 异常用户交给 - System.FormatException 错误

c# - 异常用户交给 - System.FormatException 错误

问题描述

我有一个 sql 数据库。数据库中有 1 个用户。用户属性是用户名、密码和盐。Salt 用于加密,我用 c# 编写了 asp.net web app api。我在 Visual Studio 中有一个 registercontroller.cs 和 logincontroller.cs。当我尝试使用高级休息客户端的 post 方法时,它可以成功注册但登录不起作用,并且在 Visual Studio 中发生此错误。

System.FormatException: '输入不是有效的 Base-64 字符串,因为它包含非 base 64 字符、两个以上的填充字符或填充字符中的非法字符"

错误发生的地方

var client_post_hash_password = Convert.ToBase64String(
                                common.SaltHashPassword(
                                Encoding.ASCII.GetBytes(value.Password),
                                Convert.FromBase64String(user.Salt)));

我常见的 class.common 类是生成 hashpassword

    public class common
    {

    public static byte[] GetRandomSalt(int length)
    {
        var random = new RNGCryptoServiceProvider();
        byte[] salt = new byte[length];
        random.GetNonZeroBytes(salt);
        return salt;
    }

    /*
     * FUNCTION TO CREATE PASSWORD WITH SALT 
     * 
     */
    public static byte[] SaltHashPassword(byte[] password, byte[] salt)
    {
        HashAlgorithm alghoritm = new SHA256Managed();
        byte[] plainTextWithSaltBytes = new byte[password.Length + salt.Length];
        for (int i = 0; i < password.Length; i++)
        {
            plainTextWithSaltBytes[i] = password[i];
        }
        for (int i = 0; i < salt.Length; i++)
        {
            plainTextWithSaltBytes[password.Length + i] = salt[i];

        }
        return alghoritm.ComputeHash(plainTextWithSaltBytes);


    }
}

我的用户类

     public partial class TblUser
{
    public string UserName { get; set; }
    public string Password { get; set; }
    public string Salt { get; set; }
}

我的登录控制器

namespace EDMTAPIAuthentication7.Controllers
 {
[Route("api/[controller]")]
[ApiController]
public class LoginController : ControllerBase
{

    NetCoreAuthenticationContext dbContext = new 
    NetCoreAuthenticationContext();



    // POST api/<LoginController>
    [HttpPost]
    public String Post([FromBody] TblUser value)
    {
        //check exist
        //First , we need check user have existing in database ?

        if (dbContext.TblUsers.Any(user => 
             user.UserName.Equals(value.UserName)))
        {
            TblUser user = dbContext.TblUsers.Where(u => 
                  u.UserName.Equals(value.UserName)).First();
            //calculate hash password from data of client and compare 
             with hash in server with salt
            var client_post_hash_password = Convert.ToBase64String(
                common.SaltHashPassword(
                    Encoding.ASCII.GetBytes(value.Password),
                    Convert.FromBase64String(user.Salt)));

            if (client_post_hash_password.Equals(user.Password))
                return JsonConvert.SerializeObject(user);
            else
                return JsonConvert.SerializeObject("Yanlış parola");
        }
        else
        {
            return JsonConvert.SerializeObject("Kullanıcı veri tabanında 
   bulunamadı.");
        }

    }


  }
 }

我的注册控制器

namespace EDMTAPIAuthentication7.Controllers
 {
[Route("api/[controller]")]
[ApiController]
public class registerController : ControllerBase
{
    NetCoreAuthenticationContext dbContext = new 
    NetCoreAuthenticationContext();

    // POST api/<ValuesController1>
    [HttpPost]
    public String Post([FromBody] TblUser value)
    {
        // First we need check user have existing in database 
        if (!dbContext.TblUsers.Any(user => 
        user.UserName.Equals(value.UserName)))
        {
            TblUser user = new TblUser();
            user.UserName = value.UserName;//assign value from post to 
                                                                    user
            user.Salt = 
            Convert.ToBase64String(common.GetRandomSalt(16));

                user.Password = 
                Convert.ToBase64String(common.SaltHashPassword(
                Encoding.ASCII.GetBytes(value.Password),
                Convert.FromBase64String(user.Salt)));

            //add to database

            try
            {
                dbContext.Add(user);
                dbContext.SaveChanges();
                return JsonConvert.SerializeObject("Kayıt başarılı");

            }
            catch (Exception ex)
            {
                return JsonConvert.SerializeObject(ex.Message);
            }
        }
        else
        {
            return JsonConvert.SerializeObject("kullanıcı veri tabanında 
              mevcut");
        }
    }


}
}

标签: c#asp.net

解决方案

推荐阅读