C
C#9mo ago
Developful

✅ Login system using avalonia

I'm using avalonia to make a simple login system. The way it works is that you put in your credentials, and then it sends over to the backend (servers), so it can check if they're correct. But I have a question, when you make an account for example, which sends the password over to the server to store it (a hashed version of it), wouldn't a middle man be able to take it? Is there a way to prevent this by encrypting or something? And also when sending over the password to the backend to check for credentials, wouldn't this propose basically the same problem? If so, what are some ways to prevent this? Or is this an issue I'm somehow overthinking? I've searched a bit for login/authentication systems, but can't really find much (perhaps i'm googling the wrong thing).
6 Replies
Pobiega
Pobiega9mo ago
HTTPS my friend, HTTPS. I'm assuming you are using HTTP to send messages between your clients and the backend, and if thats true, hopefully you are using HTTPS.
Developful
Developful9mo ago
oh i haven't made this yet, i'm still brainstorming on how to do it. obviously https is my go-to option would that actually be enough?
Pobiega
Pobiega9mo ago
It comes with transport layer secuyity (TLS), which means your data is actually encrypted oh yes, absolutely if its good enough for everyone else, including banks, stock markets, airlines, facebook, google etc... On the server side, you would ofcourse never store the password as plaintext thou, use something nice like argon to store a salted hash of it
Developful
Developful9mo ago
yeah incase of a data breach. well this would never actually happen, its just a small project of mine, but still good enough to learn lots thank you so much
Pobiega
Pobiega9mo ago
np
Pobiega
Pobiega9mo ago
Want results from more Discord servers?
Add your server
More Posts
❔ How to show users a message if missing NET Core Runtime?My mostly-console application requires .NET 7. Unfortunately, when users don't have it, it just sile❔ Event driven architectureI have a question about some greenfield architecture and wondering how to best achieve this. Using .✅ VS Launch ProfilesIn the attached image (from a video) a window called 'Launch Profiles' is shown. I need to create a ✅ What is IEnumerable<out T> ?Hi! I have written this code which works, but I dont understand what type of value 'var myQuery' act❔ SignalR for real-time REST api data in WPF?Hey, Im working on a hobby WPF application that needs to consume a rest api for real-time updates o❔ Need help with api calli need help with an api call❔ Fluent validation custom methodHello! I am trying to do a generic method to validate all the mails in any DTO i have. Since i h❔ IIS urlrewrite not workingI have a simple web.config for an index.html page like this: ```html <?xml version="1.0" encoding="❔ Benefit of ref structsHey folks! I've been trying for a bit to understand the purpose of using a ref struct over a regula❔ Making a method referenceIs this the correct way to call a method from other class in one main file or is something else bett