27

When I create user by Register action whe application is running the application user gets SecurityStamp. When I add user by:

if (!context.Users.Any()) {
    System.Diagnostics.Debug.WriteLine("INSIDE");
    var hasher = new PasswordHasher();
    try {
        var users = new List<ApplicationUser> { 
            new ApplicationUser { PasswordHash = hasher.HashPassword("TestPass44!"), Email = "[email protected]", UserName = "[email protected]" },
            new ApplicationUser { PasswordHash = hasher.HashPassword("TestPass44!"), Email = "[email protected]", UserName = "[email protected]" }
        };
        users.ForEach(user => context.Users.AddOrUpdate(user));
        context.SaveChanges();
    } catch (DbEntityValidationException e) {
        System.Diagnostics.Debug.WriteLine("EXC: ");
        foreach (DbEntityValidationResult result in e.EntityValidationErrors) {
            foreach (DbValidationError error in result.ValidationErrors) {
                System.Diagnostics.Debug.WriteLine(error.ErrorMessage);
            }
        }
    }
}

user doesn't get security stamp:

enter image description here

and then when I want to login I get:

enter image description here

Question: How to generate SecurityStamp for user?

Improve this question
2
  • Why don't you use UserManager.CreateAsync(); instead? Commented Aug 18, 2014 at 2:45
  • @MohamadBataineh UserManager didn't work for me. Maybe I have done mistake somewhere: here is the topic --> stackoverflow.com/questions/25354751/… Commented Aug 18, 2014 at 2:48

2 Answers 2

Reset to default
42

The security stamp can be anything you want. It is often mistaken to be a timestamp, but it is not. It will be overriden by ASP.NET Identity if something changes on the user entity. If you're working on the context directly the best way would to generate a new Guid and use it as the stamp. Here's a simple example:

var users = new List<ApplicationUser> 
{ 
    new ApplicationUser
    {
        PasswordHash = hasher.HashPassword("TestPass44!"), 
        Email = "[email protected]", 
        UserName = "[email protected]", 
        SecurityStamp = Guid.NewGuid().ToString()
    },
    new ApplicationUser
    {
        PasswordHash = hasher.HashPassword("TestPass44!"),
        Email = "[email protected]", 
        UserName = "[email protected]", 
        SecurityStamp = Guid.NewGuid().ToString()
    }
};
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

It worked do you know why I couldn't login without this SequirtyStamp set?
@Yoda I had the same problem some time ago, but I can only guess. I think that this property will be checked by the framework during the login process to make sure your database wasn't corrupted (or something like this). According to this post it is used to invalidate cookies.
The security stamp is used to invalidate a users login cookie and force them to re-login. stackoverflow.com/a/19505060/749626
If it's null, your password reset may not work - "Invalid token." error
3

If we look inside IdentityUser table AspNetUsers data, we'll see that SecurityStamp has a different form than a normal GUID:

Identity AspNetUsers

This is because the GUID is converted to a HEX map string.

We can create a function to generate new Security Stamps, that it will generate a new GUID and convert it to a HEX map string:

Func<string> GenerateSecurityStamp = delegate()
{
    var guid = Guid.NewGuid();
    return String.Concat(Array.ConvertAll(guid.ToByteArray(), b => b.ToString("X2")));
};

You can check it running to this .NET Fiddle.

So, if we want to seed Identity Users, we can use it to generate the SecurityStamp:

modelBuilder.Entity<IdentityUser>().HasData(new ApplicationUser
{
    ...

    // Security stamp is a GUID bytes to HEX string
    SecurityStamp = GenerateSecurityStamp(),
});

Warning: Be very careful and don't use the above example for seeding, because it will change the data every time we create a new migration. Seeding data should always be pre-generated when using HasData and not dynamic inline generated.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.