// Configure authentication options services.AddAuthentication(options => { options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme; }) .AddJwtBearer(options => { options.TokenValidationParameters = new TokenValidationParameters { ValidateIssuer = true, ValidateAudience = true, ValidateLifetime = true, ValidateIssuerSigningKey = true, ValidIssuer = Configuration["Jwt:Issuer"], ValidAudience = Configuration["Jwt:Issuer"], IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Jwt:Key"])) }; }); // Protect an endpoint with authentication [Authorize] [HttpPost] public async TaskCreate([FromBody] TodoItem item) { // ... }
// Generate a secure random number var randomNumber = new byte[32]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(randomNumber); } // Hash a password with a salt var password = "mysecurepassword"; var salt = new byte[16]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); } var hashedPassword = new Rfc2898DeriveBytes(password, salt, 10000).GetBytes(32);This code generates a secure random number using the `RandomNumberGenerator` class, and then hashes a password with a salt using the `Rfc2898DeriveBytes` class.