public void GetMd5Hash()
{
string actual = CryptoExt.GetMd5Hash("lys", "salt", EncodeType.Hex);
string expect = "253eb762911ca80042e997d12448b0c6";
Assert.AreEqual(expect, actual);
}
public void GetHmacHash()
{
string actual = EncodingExt.ToBase64Url(CryptoExt.GetHmacHash("HMACSHA256", "lys", "salt"));
string actual2 = EncodingExt.ToBase64Url(CryptoExt.GetHmacHash <HMACSHA256>("lys", "salt"));
string expect = "Liof_mjT4Kd1V7I7ItvcTGO3yBezkbN0UVDHXm7m1Vg";
Assert.AreEqual(expect, actual);
Assert.AreEqual(expect, actual2);
}
public void Login(UserDto dto)
{
var user = _userMng.Load(dto.UserName);
// 测试用(数据库密码存储采用 md5(pwd),pwd是注册的原始密码)
user.Pwd = CryptoExt.GetMd5Hash("", null, EncodeType.Hex);
// 校验密码(前端密码加密格式为 md5(md5(pwd).salt))
string secrt = CryptoExt.GetMd5Hash(user.Pwd, dicSecret[dto.UserName], EncodeType.Hex);
if (!secrt.EqualsNoCase(dto.Password))
{
dicSecret.Remove(dto.UserName);
throw new ValidateException("用户名或密码错误!");
}
dicSecret.Remove(dto.UserName);
}
public string ComputeHash(string header, string payload, string salt)
{
return(CryptoExt.GetHmacHash(TokenConfig.Alg, $"{header}.{payload}", salt, EncodeType.Encode));
}
