Objective
In the process of application development, sometimes it is necessary to keep some confidential information in the code, such as encryption key, string, or user name password. The usual practice is to save to a configuration file that we previously saved to Web. config, but in ASP. NET core, this approach may have changed, or you have more diversified methods and more elegant configuration to set up or save the confidential information.
At first I thought this usersecrets it was not useful, because I have to configure the place I directly configured in the Appsetting.json file can be, until the development process, I felt its real purpose.
Directory
Introduction to User Secrets
How to add a user secret
Using User Secrets in your application
Summarize
Introduction to User Secrets
Here are some scenarios where you can think about how we handled the previous code:
Need to save some and third-party site docking key, such as and, Weibo site used Appkey
Configure a user name password that is not used by each developer to access some resources
Developers use their own native database during development, how to configure the database address, account number, and password
Assuming that the last item, each development to use its own native database, you might say let everyone modify their Web. config, when the code is submitted without committing the line. It is not unreasonable to commit the Web. config file if you add additional configuration items to Web. config.
Now, ASP. NET Core provides a very elegant and concise way for User secrets to help us solve this problem.
When you create a new ASP. NET Core Web application, you see a piece of code in the Startup.cs file:
Public Startup (Ihostingenvironment env) {
...... if (env. Isdevelopment ())
{
Builder. Addusersecrets ();
}
Builder. Addenvironmentvariables ();
}
In the Project.json file, you will see some configuration related to User secrets
{
"Usersecretsid": "aspnet-webappcore-e278c40f-15bd-4c19-9662-541514f02f3e"
...
"Microsoft.Extensions.Configuration.UserSecrets": "1.0.0",
"Microsoft.Extensions.SecretManager.Tools": "1.0.0-preview2-final"
}
You can see the builder. Addusersecrets This line of code, he is running in the development environment.
Usersecretsid is used to identify the user secrets uniqueness of the project, and if there are two projects that need to use different secrets, this requires a different usersecretsid.
Microsoft.Extensions.SecretManager.Tools is primarily used to set or view the value of secrets.
How to add a user secret
You can use commands at the command line to add:
Switch the command Line window to the running directory of the program, enter dotnet User-secrets-h to see the commands you can use
Use dotnet user-secrets list to list all user secrets
Use dotnet user-secrets set Wechatappkey "X3423feed2435dd" to set a user secret, where Webchatappkey is the key, followed by a value.
Then use the Dotnet user-secrets list to view the set key-value pairs.
Then I set up a connection string for the database to go in.
The above is the use of the command line to set the user secret, you can also use Visual Studio 2015 instead of the command line to do the work.
In Visual Studio, you can right-click on a Web project to see a menu that manages user secrets:
When you click Open, a Secrets.json file appears, which is the key-value pair that you just set at the command line:
Some students may ask, since it is stored in Secrets.json, then where is this file?
Where is the Secrets.json stored?
In a non-Windows system, its storage location is
~http://www. Qixoo.com/.microsoft/usersecrets/<usersecretsid>/secrets.json
In a Windows system, its location is
C:\Users\ User name \appdata\roaming\microsoft\usersecrets\aspnet-webappcore-e278c40f-15bd-4c19-9662-541514f02f3e
As you can see, the stored upper folder is the value set by the Usersecretsid in the Project.json file.
Using User Secrets in your application
To access the configured user secret in your application, you need to ensure that the dependencies are present in the Project.json file:
Microsoft.Extensions.Configuration.UserSecrets and builder. Addusersecrets ().
The Configuration object is then accessed in the Startup.cs file.
Public Iconfigurationroot Configuration {get;}
public void Configureservices (Iservicecollection services) {
var Wechatkey = configuration["Wechatappkey"]
}
You can use Di to map user secrets to a C # class file, like this
Secrets.json
{"Secretskeys":
{
Wecharappkey: "xxejfwert3045",
Weboappkey: "35402345LKEFGJLKDFG",
.....
}
}
SecretsKeysConfig.cs
public class secretskeysconfig{
public string Wecharappkey {get; set;}
public string Weboappkey {get; set;}
// ......}
Startup.cs
public void Configureservices (Iservicecollection services) {
Services. Configure<secretskeysconfig> (Configuration.getsection ("Secretskeys"));
Other code}
HomeController.cs
public class homecontroller:controller{
Public Secretskeysconfig appconfigs {get;}
Public HomeController (ioptions<secretskeysconfig> Appkeys) {
Appconfigs = Appkeys. Value;
}
}
Note: If your Appsetting.json file has configuration entries in the same node (conflict) as the Secrets.json file, it will be overwritten by the settings in the Secrets.json, because builder. Addusersecrets () Later than Addjsonfile ("Appsettings.json") registration, we can use this feature to reset the database connection string on each developer's machine.
Summarize
Above, it may be felt that Microsoft in ASP. NET Core for developers is very intimate, many small details are taken into account, so in the process of building our application, we can use these small features (features) to make our code more elegant ~
ASP. NET Core gracefully preserves secrets in the development environment (User Secrets)