Skip to content

Commit

Permalink
Update README.md (#53)
Browse files Browse the repository at this point in the history
  • Loading branch information
@wallin
wallin authored Jan 6, 2022
1 parent 8c9f265 commit d8627fe
Showing 1 changed file with 2 additions and 96 deletions.
98 changes: 2 additions & 96 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,9 @@ Supporting **.NET Standard 2.0** and **.NET Framework 4.6.1+**. Refer to Microso

**[Castle](https://castle.io) analyzes device, location, and interaction patterns in your web and mobile apps and lets you stop account takeover attacks in real-time.**

## Documentation
## Usage

[Official Castle docs](https://castle.io/docs)
See the [documentation](https://docs.castle.io) for how to use this SDK with the Castle APIs

## Installation

Expand Down Expand Up @@ -97,93 +97,6 @@ public class DebugLogger : ICastleLogger
}
```

## Actions
The `CastleClient` instance has the action methods **Track** and **Authenticate**. In order to provide the information required for both these methods, you'll need access to the logged in user information (if that is available at that stage in the user flow), as well as request information. In **asp.net core**, both Razor Pages pages and MVC controllers expose the information you need in `User` and `Request` members.

### Track

For events where you don't require a response.

```csharp
castleClient.Track(new ActionRequest()
{
Event = Castle.Events.LogoutSucceeded,
UserId = user.Id,
UserTraits = new Dictionary<string, string>()
{
["email"] = user.Email,
["registered_at"] = user.RegisteredAt
},
Context = new RequestContext()
{
Ip = Request.HttpContext.Connection.RemoteIpAddress.ToString(),
ClientId = Request.Cookies["__cid"],
Headers = Request.Headers.ToDictionary(x => x.Key, y => y.Value.FirstOrDefault());
}
});
```

### Authenticate

For events where you require a response. It is used in the same way as `Track`, except that you have the option of waiting for a response.

```csharp
var verdict = await castleClient.Authenticate(new ActionRequest()
{
Event = Castle.Events.LogoutSucceeded,
UserId = user.Id,
UserTraits = new Dictionary<string, string>()
{
["email"] = user.Email,
["registered_at"] = user.RegisteredAt
},
Context = new RequestContext()
{
Ip = Request.HttpContext.Connection.RemoteIpAddress.ToString(),
ClientId = Request.Cookies["__cid"],
Headers = Request.Headers.ToDictionary(x => x.Key, y => y.Value.FirstOrDefault());
}
});
```

#### Response format

| Property | Description
| --- | ---
| Action | The recommended action for the given event.
| UserId | The `UserId` of the end user that was provided in the request.
| DeviceToken | The Castle token for the device that generated the event.
| Failover | A boolean indicating if the request failed and the response is a failover.
| FailoverReason | A message indicating why the request failed in case of failover.

#### Failover

When a request to the `/v1/authenticate` endpoint of the Castle API fails, the SDK will generate a failover response based on the `FailoverStrategy` set in the `CastleConfiguration` object.

If no failover strategy is set (i.e. `None`), a `Castle.Infrastructure.Exceptions.CastleExternalException` will be thrown.

### All request options for `Track` and `Authenticate`

| Option | Description
| --- | ---
| Event | The event generated by the user. It can be either an event from the SDK constants in `Castle.Events` or a custom one.
| UserId | Your internal ID for the end user.
| UserTraits | An optional, recommended, dictionary of user information, such as `email` and `registered_at`.
| Properties | An optional dictionary of custom information.
| Timestamp | An optional datetime indicating when the event occurred, in cases where this might be different from the time when the request is made.
| DeviceToken | The optional device token, used for mitigating or escalating.
| Context | The request context information. See information below.

#### Request context

| Option | Description
| --- | ---
| Ip | The IP address of the request. Note that this needs to be the original request IP, not the IP of an internal proxy, such as nginx.
| ClientId | The client ID, generated by the `c.js` integration on the front end. Commonly found in the `__cid` cookie in `Request.Cookies`, or in some cases the `X-CASTLE-CLIENT-ID` header.
| Headers | Headers mapped from the the original request (most likely `Request.Headers`).

You can call `Castle.Context.FromHttpRequest(request)` to get a ready-made `RequestContext` instance from your current request.

##### ASP&#46;NET MVC 5
```csharp
public class HomeController : Controller
Expand All @@ -209,13 +122,6 @@ public class IndexModel : PageModel
```



## Securing requests

See the documentation on [securing requests](https://castle.io/docs/securing_requests) in order to learn more.
Use the `Castle.Signature.Compute(string key, string message)` method, with your **API Secret** as key, to create a signature to use in the frontend and to validate **Webhooks**.

## Troubleshooting
### Can't find System.Runtime.InteropServices.RuntimeInformation
You target .NET Framework and get an exception on startup.
Expand Down

0 comments on commit d8627fe

Please sign in to comment.