Skip to content
Menu
Archicode
  • About me
Archicode

Safely store secrets during development

August 3, 2020 by Hakim

When developing an application, we sometimes need to call an api or connect to a database and for this, we use passwords or keys to connect. If we put them in the appsettings, there’s always the danger of forgetting about them and commit them to source control which can then cause a security flaw.

To prevent this, dotnet provides us with a very useful command to safely store our secrets where they won’t be accidentally committed.

  1. First open a command line in your solution folder
  2. Execute this command :
    dotnet user-secrets init
    This command initialises the local secret repository of your solution
  3. To store data, use this command
    dotnet user-secrets set "keyname" "keyvalue"

Now we can easily access it from our Console application without risking this secret to leak or end up in the wrong hands.

  1. You need to install the following nuget Packages into your solution
    Microsoft.Extension.Configuration
    Microsoft.Extension.Configuration.UserSecrets
  2. In your Program.cs file you will need a ConfigurationBuilder and tie the Id you received from the init command you ran before to the builder
    var builder = new ConfigurationBuilder();
    builder.AddUserSecrets("511ae28b-c9d3-4e21-979f-a310df6102ad");
  3. After a call to the buillder.Build() method you can now access your secret
    var configuration = builder.Build();
    var secret = configuration["Secret"];

Happy coding

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Leveraging the Action Pack subscription in the Pandemic
  • Safely store secrets during development
  • Working with Legacy databases
  • Blazor : convince your CTO (or whomever takes the technical decisions)
  • Blazor : server-side or Web assembly

Recent Comments

  1. ปั้มไลค์ on Encourage your kids to read books
  2. Jamesglalt on How to : Blazor components (basic)
  3. Liza Conable on How to blazorify an existing mvc app
  4. BrianKit on How to : Blazor components (basic)
  5. Luke Sample Amazon on How to blazorify an existing mvc app

Archives

  • March 2021
  • August 2020
  • July 2020
  • June 2020
  • October 2019
  • June 2019
  • February 2019

Categories

  • .NET
  • IoT
  • Misc
  • Uncategorised
©2023 Archicode | Powered by WordPress and Superb Themes!