我们正在构建一个通过 DNN 集成的移动应用程序。
移动应用程序使用连接到 DNN 模块的 ASP.net 网络服务,在移动应用程序中存在两个选项
第一个选项:
- 注册屏幕
在 DNN 模块中创建新用户,问题是在 ASP.net Web 服务中负责创建新用户的网络方法,它连接到 DNN 数据库并在表(成员表)中插入新记录
- aspnet_Membership
-aspnet_Users
-用户
问题是在这些表中插入新用户时
([aspnet_Membership]) 使用 ASP.net 代码和 Linq.sql 框架
对于这些领域
,[密码]
,[密码格式]
,[密码盐]
我们使用 Trible DES 算法获取用户密码
我们创建类来生成盐和加密和解密密码
public class NetFourMembershipProvider : SqlMembershipProvider
{
public string GenerateSalt()
{
var buf = new byte[20];
(new RNGCryptoServiceProvider()).GetBytes(buf);
return Convert.ToBase64String(buf);
}
public string EncodePassword(byte passFormat, string passtext, string passwordSalt)
{
if (passFormat.Equals(0)) // passwordFormat="Clear" (0)
return passtext;
else
{
byte[] bytePASS = Encoding.Unicode.GetBytes(passtext);
byte[] byteSALT = Convert.FromBase64String(passwordSalt);
byte[] byteRESULT = new byte[byteSALT.Length + bytePASS.Length + 1];
System.Buffer.BlockCopy(byteSALT, 0, byteRESULT, 0, byteSALT.Length);
System.Buffer.BlockCopy(bytePASS, 0, byteRESULT, byteSALT.Length, bytePASS.Length);
if (passFormat.Equals(1)) // passwordFormat="Hashed" (1)
{
HashAlgorithm ha = HashAlgorithm.Create(Membership.HashAlgorithmType);
return (Convert.ToBase64String(ha.ComputeHash(byteRESULT)));
}
else // passwordFormat="Encrypted" (2)
{
return (Convert.ToBase64String(this.EncryptPassword(byteRESULT)));
}
}
}
public string GetClearTextPassword(string encryptedPwd)
{
byte[] encodedPassword = Convert.FromBase64String(encryptedPwd);
byte[] bytes = this.DecryptPassword(encodedPassword);
if (bytes == null)
{
return null;
}
return Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10).Substring(0, Encoding.Unicode.GetString(bytes, 0x10, bytes.Length - 0x10).Length - 1);
}
public new byte[] EncryptPassword(byte[] password)
{
return base.EncryptPassword(password);
}
}
并在 web.config 文件中添加 sypher 密钥
在应用设置部分,我们添加
在 system.web 部分,我们添加
<machineKey validationKey="42441B48BCA3F15B2353E426BC2C9111680E09E8" decryptionKey="00B3BAE82FEF44753E95AE088CCDB5E75C0F3BB1E58DEC2A" decryption="3DES" validation="SHA1" />
注册网络服务的代码是
try
{
string Email = Request.QueryString["Email"];
string UserName = Request.QueryString["UserName"];
string MobileNo = Request.QueryString["MobileNo"];
string FirstName = Request.QueryString["FirstName"];
string LastName = Request.QueryString["LastName"];
string password = Request.QueryString["Password"];
string salt = "35wj1+r/Dr6RYjBbIRhWeQ==";
NetFourMembershipProvider decriptor = new NetFourMembershipProvider();
string encryptedpassword = decriptor.EncodePassword(2, password, salt);
ORMDataContext myContext = new ORMDataContext();
int userCount = (from user in myContext.Users
where user.Username == UserName
select user.UserID).Count();
CustomUser myUser = new CustomUser();
if (userCount == 0)
{
aspnet_User membership_user = new aspnet_User();
membership_user.ApplicationId = Guid.Parse("4985C01A-3338-49C9-AC39-DC5934D5ED7A");
membership_user.UserName = UserName;
membership_user.LoweredUserName = UserName.ToLower();
membership_user.LastActivityDate = DateTime.Now;
membership_user.IsAnonymous = false;
membership_user.MobileAlias = MobileNo;
membership_user.UserId = Guid.NewGuid();
myContext.aspnet_Users.InsertOnSubmit(membership_user);
myContext.SubmitChanges();
aspnet_Membership membership = new aspnet_Membership();
Guid appID = Guid.Parse("4985C01A-3338-49C9-AC39-DC5934D5ED7A");
membership.ApplicationId = appID;
membership.CreateDate = DateTime.Now;
membership.Email = Email;
membership.FailedPasswordAnswerAttemptCount = 0;
membership.FailedPasswordAnswerAttemptWindowStart = DateTime.Now;
membership.FailedPasswordAttemptCount = 0;
membership.FailedPasswordAttemptWindowStart = DateTime.Now;
membership.IsApproved = true;
membership.IsLockedOut = true;
membership.LastLockoutDate = DateTime.Now;
membership.LastLoginDate = DateTime.Now;
membership.LastPasswordChangedDate = DateTime.Now;
membership.LoweredEmail = Email.ToLower();
membership.MobilePIN = "";
membership.Password = encryptedpassword;
membership.PasswordAnswer = "";
membership.PasswordFormat = 2;
membership.PasswordQuestion = "";
membership.PasswordSalt = salt;
membership.UserId = membership_user.UserId;
myContext.aspnet_Memberships.InsertOnSubmit(membership);
myContext.SubmitChanges();
Borsa_Ws.User user = new User();
user.Username = UserName;
user.CreatedOnDate = DateTime.Now;
user.DisplayName = UserName;
user.Email = Email;
user.FirstName = FirstName;
user.LastName = LastName;
user.UpdatePassword = false;
user.LastModifiedByUserID = -1;
user.IsSuperUser = false;
myContext.Users.InsertOnSubmit(user);
myContext.SubmitChanges();
Borsa_Ws.UserRole user_role1 = new Borsa_Ws.UserRole();
user_role1.UserID = user.UserID;
user_role1.RoleID = 1;
Borsa_Ws.UserRole user_role2 = new Borsa_Ws.UserRole();
user_role2.UserID = user.UserID;
user_role2.RoleID = 2;
myContext.UserRoles.InsertOnSubmit(user_role1);
myContext.UserRoles.InsertOnSubmit(user_role2);
myContext.SubmitChanges();
myUser.Roles = new int[] { 1, 2 };
myUser.Logged = "1";
myUser.UserID = user.UserID.ToString();
}
else
{
myUser.Logged = "0";
}
JavaScriptSerializer searlizer = new JavaScriptSerializer();
Response.Clear();
Response.ContentType = "application/json; charset=utf-8";
Response.Write(searlizer.Serialize(myUser));
Response.End();
}
catch
{
}
当我们来到 DNN 网站并尝试登录我们新插入的数据时
DNN 拒绝登录
所以你能告诉我我的代码是什么吗
谢谢