c# - 异常用户交给 - System.FormatException 错误
问题描述
我有一个 sql 数据库。数据库中有 1 个用户。用户属性是用户名、密码和盐。Salt 用于加密,我用 c# 编写了 asp.net web app api。我在 Visual Studio 中有一个 registercontroller.cs 和 logincontroller.cs。当我尝试使用高级休息客户端的 post 方法时,它可以成功注册但登录不起作用,并且在 Visual Studio 中发生此错误。
System.FormatException: '输入不是有效的 Base-64 字符串,因为它包含非 base 64 字符、两个以上的填充字符或填充字符中的非法字符"
错误发生的地方
var client_post_hash_password = Convert.ToBase64String(
common.SaltHashPassword(
Encoding.ASCII.GetBytes(value.Password),
Convert.FromBase64String(user.Salt)));
我常见的 class.common 类是生成 hashpassword
public class common
{
public static byte[] GetRandomSalt(int length)
{
var random = new RNGCryptoServiceProvider();
byte[] salt = new byte[length];
random.GetNonZeroBytes(salt);
return salt;
}
/*
* FUNCTION TO CREATE PASSWORD WITH SALT
*
*/
public static byte[] SaltHashPassword(byte[] password, byte[] salt)
{
HashAlgorithm alghoritm = new SHA256Managed();
byte[] plainTextWithSaltBytes = new byte[password.Length + salt.Length];
for (int i = 0; i < password.Length; i++)
{
plainTextWithSaltBytes[i] = password[i];
}
for (int i = 0; i < salt.Length; i++)
{
plainTextWithSaltBytes[password.Length + i] = salt[i];
}
return alghoritm.ComputeHash(plainTextWithSaltBytes);
}
}
我的用户类
public partial class TblUser
{
public string UserName { get; set; }
public string Password { get; set; }
public string Salt { get; set; }
}
我的登录控制器
namespace EDMTAPIAuthentication7.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class LoginController : ControllerBase
{
NetCoreAuthenticationContext dbContext = new
NetCoreAuthenticationContext();
// POST api/<LoginController>
[HttpPost]
public String Post([FromBody] TblUser value)
{
//check exist
//First , we need check user have existing in database ?
if (dbContext.TblUsers.Any(user =>
user.UserName.Equals(value.UserName)))
{
TblUser user = dbContext.TblUsers.Where(u =>
u.UserName.Equals(value.UserName)).First();
//calculate hash password from data of client and compare
with hash in server with salt
var client_post_hash_password = Convert.ToBase64String(
common.SaltHashPassword(
Encoding.ASCII.GetBytes(value.Password),
Convert.FromBase64String(user.Salt)));
if (client_post_hash_password.Equals(user.Password))
return JsonConvert.SerializeObject(user);
else
return JsonConvert.SerializeObject("Yanlış parola");
}
else
{
return JsonConvert.SerializeObject("Kullanıcı veri tabanında
bulunamadı.");
}
}
}
}
我的注册控制器
namespace EDMTAPIAuthentication7.Controllers
{
[Route("api/[controller]")]
[ApiController]
public class registerController : ControllerBase
{
NetCoreAuthenticationContext dbContext = new
NetCoreAuthenticationContext();
// POST api/<ValuesController1>
[HttpPost]
public String Post([FromBody] TblUser value)
{
// First we need check user have existing in database
if (!dbContext.TblUsers.Any(user =>
user.UserName.Equals(value.UserName)))
{
TblUser user = new TblUser();
user.UserName = value.UserName;//assign value from post to
user
user.Salt =
Convert.ToBase64String(common.GetRandomSalt(16));
user.Password =
Convert.ToBase64String(common.SaltHashPassword(
Encoding.ASCII.GetBytes(value.Password),
Convert.FromBase64String(user.Salt)));
//add to database
try
{
dbContext.Add(user);
dbContext.SaveChanges();
return JsonConvert.SerializeObject("Kayıt başarılı");
}
catch (Exception ex)
{
return JsonConvert.SerializeObject(ex.Message);
}
}
else
{
return JsonConvert.SerializeObject("kullanıcı veri tabanında
mevcut");
}
}
}
}
解决方案
推荐阅读
- javascript - 当没有第二张图像可用时,jQuery悬停不起作用
- ruby-on-rails - 查找对象时,如何按表中的字段对其获取的子对象进行排序
- npm - 使用 package.json 中的内部版本号
- raku - Perl6:函数/子例程的可变参数数量
- python - 根据多列中的值创建新的数据框列
- python - 飞行数据集的准确性非常低
- latex - 分段命令在 elsevier LaTeX 模板中不起作用
- awk - 如何计算字母的频率
- django - 如何在一个 Django 中使用两个列表作为标签?
- android - Android Robolectric:OutOfMemoryError - 创建 ArrayList 时超出 GC 开销限制