Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 

wep-app-sec

A compact ASP.Net application to learn about securing web applications and apis.

Introduction

Being a developer for over three decades I have been dealing with with the new keywords, terminology, along with the new and exciting technology, all the time. Being an old-timer, and a strong proponent of KISS (Keep It Simple and Stupid,) I sometimes feel lost. In those situations, I try to simplify stuff for others like me, who perhaps can benefit with my work. This project is along the same lines.

If you are new to this subject, I suggest you to watch a very simple slideshow I prepared on this topic. [https://www.ipcolony.com/#blog-web-security]

What you will learn

Using this project you will learn pretty much how OAUTH works, though the project itself does not use it.

The following items are covered in the project.

  • Forcing https for your site
  • Password validation against stored hash
  • Returning a token after authentication
  • Using token for for subsequent conversation
  • Maintaining the tokens on the server side using a simple thread safe list
  • Securing Api methods
  • Adding added authorization to Api methods so that only selected users can use it

About

A compact ASP.Net application to learn about securing web applications and apis.

Topics

Resources

License

Releases

No releases published

Packages

No packages published