C# 4mo ago
TheApostles

Secure login

Hey all, looking to create a really secure login window with .NET 8, but I'm still new. I've heard creating and attaching database strings to the application isn't the smartest way to go; I've heard attaching an API to a database is the way to go.

1. How do I do this? Could someone link a tutorial?
2. What database should I be using for this?
3. What are some ways I could make the application/window very secure?
6 Replies
Jimmacle 4mo ago
1) there are lots of ways, you should start by looking at ASP.NET Core web APIs
2) doesn't matter, sqlite is a good option for low setup or postgresql for a proper database
3) don't put any secrets in the client application, use secure connections like HTTPS, don't roll your own cryptography
3a) assume that nothing in your client application is safe from prying eyes
3b) assume that people will try to use your API in unintended ways
TheApostles 4mo ago
Thank you, this definitely gives me a better idea of what I need to do. I took your info from last time and upgraded my application to .NET 8, is that what I should have done?
Jimmacle 4mo ago
.NET 8 is the latest version so yes
Bailey 4mo ago
Hi,

Just some extra advice. If you have a database, then you should never transfer data 1 on 1. Just an example: if I put a single quote in the request and this is transferred to the database as is with an SQL query command, you can do more.
==> Using Entity Framework works nicely.

Password protection
==> Never put the password in the database, always use a hash.

I do not know what you exactly need. But there are rainbow tables to reverse the hash. The solution is salting it. But for some salts there are also rainbow tables. Bitcoin has a solution for this. They do a double hash.
==> Creating a hash with salting and over this hash another hash with other salting.

I hope this helps.

PS. There is more involved in manipulating a database, but a reaction to a single quote is a start. So it's just an example to show you not to use direct SQL commands with the received data.
TheApostles 4mo ago
Interesting, I was just looking at Entity Framework, trying to work out what it was for. Can you elaborate on it more?
Jimmacle 4mo ago
it's an ORM, which is broadly a library that simplifies integrating databases with your C# code
in a lot of use cases you don't have to write any actual SQL at all, you make queries using LINQ
you write some C# classes that represent "entities" that you want to store in your database and it figures out how to set up your database so it can store them