AppStd/DigitalData.UserManager
8
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

feat(security): Nur Benutzer-ID und Passwort im Connection String verschlüsseln

Browse Source 
- Verschlüsselung des gesamten Connection Strings durch Verschlüsselung der Benutzer-ID und des Passworts ersetzt.
- Die `appsettings`-Datei wurde aktualisiert, um nur noch die Benutzer-ID und das Passwort verschlüsselt zu speichern.
- `program.cs` angepasst, um den Connection String zu entschlüsseln und die Benutzer-ID sowie das Passwort separat zu entschlüsseln.
This commit is contained in:
Developer 02
2024-09-09 12:55:22 +02:00
parent 15bc34ba95
commit e6416f0d7f
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
DigitalData.UserManager.API/Program.cs
View File

@@ -8,6 +8,7 @@ using NLog;
using DigitalData.Core.API;
using DigitalData.UserManager.API.Controllers;
using DigitalData.UserManager.Application.Services;
using Microsoft.Data.SqlClient;
var logger = LogManager.Setup().LoadConfigurationFromAppSettings().GetCurrentClassLogger();
logger.Debug("init main");
@@ -71,7 +72,7 @@ try {
//builder.Services.AddAutoMapper(typeof(DirectoryMappingProfile).Assembly);
builder.Services.AddUserManager<UserManagerDbContext>();
builder.ConfigureBySection<DirectorySearchOptions>();
builder.Services.AddDirectorySearchService();
@@ -83,8 +84,12 @@ try {
{
var encryptor = app.Services.GetRequiredService<Encryptor>();
var eCnnStr = config.GetConnectionString("UM_DEF") ?? throw new InvalidOperationException("Connection string 'DD_ECM_Connection' is missing from the configuration.");
var cnnStr = encryptor.Decrypt(eCnnStr);
return cnnStr;
SqlConnectionStringBuilder cnnStrBuilder = new(eCnnStr);
cnnStrBuilder.UserID = encryptor.Decrypt(cnnStrBuilder.UserID);
cnnStrBuilder.Password = encryptor.Decrypt(cnnStrBuilder.Password);
var dCnnStr = cnnStrBuilder.ConnectionString;
return dCnnStr;
});
app.UseCors("DefaultCorsPolicy");