Requirements: The project can need to interact with third-party interfaces, such as: payment, SMS, email, official account, etc., calling these interfaces requires credentials (often said: tokens, keys), if the project is more important (or in a large team), these configuration items are not recommended to be written directly in the source code configuration file, because the configuration will also be submitted to the source code repository, once the configuration in the source code code is leaked, it may cause more serious consequences, you can use .NET Introduce application secrets to ensure the security of the configuration without affecting development.
The Secrets Manager tool stores sensitive data during application development. In this context, a piece of sensitive data is application secret. App secrets are stored in a different location than in the project tree. App secrets are associated with specific projects or shared across multiple projects.App secrets aren't checked into source control。
First, add the following in the configuration file:
Then read it as shown below:
Assuming that the Site in the configuration is confidential information and should not be checked into the code repository, you can right-click on the VS "Manage user secretsto enable the feature, configure it as follows:
At the same time, the .csproj file will be incrementedUserSecretsIdA section of the configuration, re-run the project, and find that the configuration is already a read confidential information (User secret keys take precedence over appsettings.json and appsettings. {Environment}.json key), as shown below:
Confidential profile storage path:
Windows:%APPDATA%\Microsoft\UserSecrets\<user_secrets_id>\secrets.json
Linux:~/.microsoft/usersecrets/<user_secrets_id>/secrets.json
Take Windows as an example, as shown below:
Reference:
The hyperlink login is visible.
The hyperlink login is visible.
|
Posted on 5/12/2024 5:41:30 PM
|
|
|
|
Landlord|
Posted on 5/12/2024 5:42:08 PM
|
