php - ASP.NET authentication for custom API -


i know pretty discussed topic i'm struggling in finding solution case.

i have done working api service in asp.net (c# 4.5.1). clients uses php pages call page.aspx on server , sending via post string. string contains id , cypher message. every user have different key (aes 256) and, since have id db correct key decypher message , request contains. check ip, every client have list of approved ips (when not using debug mode testing)

i method have let users purchases. implemented (thank paypal) , works, feel security weak.

so wanted add already known , already wrapped authentication system, without re-writing of working , debugged code.

since used lot of big internet services thought oauth 2.0 (and i know nothing it), looks talks creating login uses services facebook, google, twitter , go on.. not case. have my own database my user list , need know 100% security calling api service.

i tried creating new web api 2 project (mvc.. damn) cannot understand if can use service without rewriting logic api calling (and saw looks no answer)

so question is: authentication method can use easy implement without rewriting already working code , can usable clients php?

i watching "asp.net mvc 5 fundamentals" tutorial on pluralsight scott allen explains quite nicely. before watching tutorial, 1 app worked on, had table in database tokens issues @ login. client send token request. @ server side, did custom attribute called [checktoken] inside check if token exists in database , if stil valid (not expired, etc.) went step further , swap token if token gets stolen, not valid long. way, user not have keep login in time.


Comments

Post a Comment

Popular posts from this blog

toolbar - How to add link to user registration inside toobar in admin joomla 3 custom component -

im trying write component admin side , need add user creation. dont want duplicate existing codes add link. know how add task not simple link toolbar. thx help. if wanting button opens new user screen can try in component: $bar = jtoolbar::getinstance('toolbar'); $bar->appendbutton('link', 'users', 'new user','index.php?option=com_users&task=user.add'); you need add view.html.php file wherever you're creating toolbar. is need?
Read more

linux - disk space limitation when creating war file -

i have 1 gb disk space limitation hosting app , have used 700mb of it. however want create war file directory big (around 600mb) using command : jar -cvf root.war folderpath that's why encounter quota limitation , can't following. i'm looking way delete folder content when it's applying archive conserve disk space take note can't install zip tool in ssh shell ~ the code works on test directories, test first anyway, deletes files. it's not efficient. assumptions: 300mb free space, in destructively compress 600mb folderpath directory. none of files big -- if file in folderpath 300mb or larger, fail. notes: if ' $out ' file exists, nothing. first find pipes file list while , if ' $out ' doesn't exist in loop, create it, don't update -- if does exist, update it. each pass adds 1 more file, deletes unless file directory. after loop finishes delete empty directories too. unset u ; in=folderpath ; out=roo...
Read more

How to provide Authorization & Authentication using Asp.net, C#? -

Image
i have asp.net application in c#. i have provide page authorization specific user/usergroup. i have created 2 tables in database: 1) pagename 2)permissions[insert, update, view, delete] but i'm unable match tables , permissions assigning... can 1 please me, how created tables in database , how coding. please me. you can below explanation. configure access specific file , folder, set forms-based authentication. request page in application redirected logon.aspx automatically. in web.config file, type or paste following code. this code grants users access default1.aspx page , subdir1 folder . <configuration> <system.web> <authentication mode="forms" > <forms loginurl="login.aspx" name=".aspnetauth" protection="none" path="/" timeout="20" > </forms> </authentication> <!-- section denies access files in...
Read more