
How to deploy ASP.NET Core UserSecrets to production

I followed the "Safe storage of app secrets during development" guide over on the ASP.NET docs during development, but it does not describe how to use it when publishing to another machine for QA, Production, etc. What I figured it would do was insert them into the appsettings.json during publish, but it does not. I ended up having to place my SendGrid keys and other sensitive information directly into the appsettings.json, which really defeats the purpose of the app secrets.

Is using app secrets the best way or is there another way to store API keys and SQL user/passwords in my configs?

Don't use app secrets in production. Ever. As the article says, DURING DEVELOPMENT.

How you publish secrets in production is up to your production environment. Linux, Windows and Azure all support environment variables - that's where your secrets should go, using whatever UI your hosting provider gives you.

The app settings documentation goes into this in greater detail.
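
The layering this answer describes, as an added example that is not part of the original answers: user secrets are loaded only in Development, and environment variables are added last so values set on the host win. `SecretConfig`, `Build` and `LoadSendGrid` are hypothetical names; `SendGridKey`, `SendGridUser` and `AuthMessageSenderOptions` are taken from the code posted further down the page.

```csharp
// Added example. Assumes the Microsoft.Extensions.Configuration Json, UserSecrets
// and EnvironmentVariables packages, and a <UserSecretsId> in the project file.
using System;
using Microsoft.Extensions.Configuration;

public class AuthMessageSenderOptions
{
    public string SendGridUser { get; set; }
    public string SendGridKey { get; set; }
}

public static class SecretConfig
{
    public static IConfiguration Build(string environmentName)
    {
        var builder = new ConfigurationBuilder()
            .SetBasePath(AppContext.BaseDirectory)
            // Non-secret settings only: these files are published with the app.
            .AddJsonFile("appsettings.json", optional: true)
            .AddJsonFile($"appsettings.{environmentName}.json", optional: true);
        // secrets.json lives in the developer's user profile and is never published,
        // so it is wired up for the Development environment only.
        if (string.Equals(environmentName, "Development", StringComparison.OrdinalIgnoreCase))
            builder.AddUserSecrets<AuthMessageSenderOptions>(optional: true);
        // Added last, so values set on the host override everything above.
        // Flat key: SendGridKey=...  Nested key "Email:SendGridKey": Email__SendGridKey=...
        builder.AddEnvironmentVariables();
        return builder.Build();
    }

    public static AuthMessageSenderOptions LoadSendGrid(IConfiguration config)
    {
        var options = new AuthMessageSenderOptions
        {
            SendGridUser = config["SendGridUser"],
            SendGridKey = config["SendGridKey"]
        };
        // Fail at startup rather than on the first password-recovery email.
        if (string.IsNullOrWhiteSpace(options.SendGridKey))
            throw new InvalidOperationException("SendGridKey is not configured on this host.");
        return options;
    }

    public static void Main()
    {
        var env = Environment.GetEnvironmentVariable("ASPNETCORE_ENVIRONMENT") ?? "Production";
        var options = LoadSendGrid(Build(env));
        Console.WriteLine($"SendGrid settings loaded for user {options.SendGridUser} ({env}).");
    }
}
```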

Why "don't use app secrets in production"? Are encrypted secrets safe? It's very acceptable for app configuration, for example the SendGrid you mentioned for password recovery. Are they configuration secrets at all on the server? Why am I prohibited? Just copy the compiled app from development to production and it works.

Startup.cs

    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
        var builder = new ConfigurationBuilder().AddUserSecrets<Startup>();
        Konfiguration = builder.Build();
    }

    public IConfiguration Configuration { get; }

    public IConfiguration Konfiguration { get; }

    public void ConfigureServices(IServiceCollection services)
    {
        // ...
        services.AddSingleton<IEmailSender, EmailSender>();
        services.Configure<AuthMessageSenderOptions>(Configuration);
        if (Configuration["SendGridKey"] != null)
            return;
        // secrets.json is not read on Linux
        services.Configure<AuthMessageSenderOptions>(options => {
            options.SendGridKey = Konfiguration["SendGridKey"];
            options.SendGridUser = Konfiguration["SendGridUser"];
        });
    }

HomeController.cs

    private readonly IOptions<AuthMessageSenderOptions> _optionsAccessor;

    public HomeController(/* ... */ IOptions<AuthMessageSenderOptions> optionsAccessor)
    {
        // ...
        _optionsAccessor = optionsAccessor;
    }

    public IActionResult Index(/* ... */)
    {
        if (_optionsAccessor.Value.SendGridUser != null)
            ModelState.AddModelError("", _optionsAccessor.Value.SendGridUser);
        // ...
    }

Go forward with "Enable account confirmation and password recovery" https://docs.microsoft.com/en-us/aspnet/core/security/authentication/accconfirm?view=aspnetcore-2.1&tabs=visual-studio#configure-email-provider
