@lukasz-madon
Created November 16, 2015 13:49
Generate CSRF token
/// <summary>
/// Produces Base64-encoded SHA-256 digests intended for use as anti-forgery (CSRF) tokens.
/// </summary>
/// <remarks>
/// SECURITY NOTE: <c>ConstantSalt</c> is a compile-time constant, not a secret key. For a
/// caller-supplied seed the result is therefore a plain, deterministic hash that anyone who
/// knows the seed and this source can recompute. Unpredictability comes only from the
/// null-seed path, which draws 32 bytes from the cryptographic random number generator.
/// NOTE(review): if callers pass a guessable value (user name, session id, ...) as the seed,
/// a keyed MAC with a server-side secret is the usual construction - confirm against callers.
/// </remarks>
public static class AntiForgeryTokensGenerator
{
    // Fixed suffix appended to every seed before hashing. Hard-coded, so it adds no secrecy.
    private const string ConstantSalt = "b8YagDpYwB";

    // Number of random bytes (32 bytes = 256 bits of entropy) drawn when no seed is supplied.
    private static readonly int Length = 32;

    // Shared cryptographically secure random source used for the null-seed path.
    private static readonly RandomNumberGenerator CryptoRandomDataGenerator = RandomNumberGenerator.Create();

    /// <summary>
    /// Generates a token by hashing <paramref name="seed"/> followed by the constant salt.
    /// When <paramref name="seed"/> is null, a fresh random Base64 string is used as the seed.
    /// </summary>
    /// <param name="seed">
    /// Value to derive the token from, or null to derive it from 32 random bytes.
    /// The same non-null seed always yields the same token.
    /// </param>
    /// <returns>
    /// The SHA-256 digest of the UTF-16 (little-endian) bytes of seed + salt, encoded with the
    /// standard Base64 alphabet. That alphabet includes '+', '/' and '=', so the value needs
    /// encoding before it is placed in a URL or form field.
    /// </returns>
    public static string GenerateToken(string seed)
    {
        string material = seed ?? CreateRandomSeed();
        byte[] encoded = Encoding.Unicode.GetBytes(material + ConstantSalt);

        using (SHA256 hasher = SHA256.Create())
        {
            return Convert.ToBase64String(hasher.ComputeHash(encoded));
        }
    }

    // Returns Length random bytes from the cryptographic RNG as a Base64 string.
    private static string CreateRandomSeed()
    {
        byte[] randomBytes = new byte[Length];
        CryptoRandomDataGenerator.GetBytes(randomBytes);
        return Convert.ToBase64String(randomBytes);
    }
}