
Implement a secure login mechanism in a Windows Presentation Foundation (WPF) application

I created a small WPF application that does some operations. I would like to distribute this application to some people, but I want it to be accessible only by the authorized people. I don't really need a registering mechanism.

Because the application is quite small and will be delivered as an EXE file, I don't think that having a database would be an efficient idea.

I was thinking of having a file within the application that contains the credentials of the authorized people, but as far as I know, WPF applications can be easily reverse engineered. I turned my thinking to having the application contact a server to authorize the person or something, but wasn't sure whether it is a good choice or not.

Can you please suggest or throw at me some readings or best practices to study, because whenever I search about this topic I get an example of implementing the UI (which is something I know how to do) and not the login mechanism.

Design Guidelines for Rich Client Applications by MSDN

https://msdn.microsoft.com/en-in/library/ee658087.aspx

Read Security Considerations, Data Handling Considerations and Data Access

It is very easy to reverse any .NET app, so the point of having an authentication system is to deal with noobs and people who do not know about reverse programming. You can use an authentication system using the CPU ID, for example, which I use, but anyway, like I said, any .NET app is reversible. I will share my authentication logic with you:

    // Requires a reference to System.Management.dll and: using System.Management;
    public static string GetId()
    {
        string cpuInfo = string.Empty;
        ManagementClass mc = new ManagementClass("win32_processor");
        ManagementObjectCollection moc = mc.GetInstances();

        foreach (ManagementObject mo in moc)
        {
            if (cpuInfo == "")
            {
                // Get only the first CPU's ID
                cpuInfo = mo.Properties["processorID"].Value.ToString();
                break;
            }
        }
        return cpuInfo;
    }

After you have the CPU ID, do some encryption:

    public static string Encrypt(string CpuId)
    {
        // do some encryption of CpuId and put the result in encryptionCpuId
        return encryptionCpuId;
    }

After that, in your UI create a dialog window that shows the user his CPU ID, and he will send it to you. After that you will encrypt the user's CPU ID and give him his activation key. To do that you must create another project for generating the encryption. And in your app (the one that you want to publish) check:

    if (Key == Encrypt(GetId()))
    {
        // Welcome
    }
    else
    {
        Environment.Exit(0);
    }

So every user has his own key.

After all this, you must know that anyone can reflect your code and crack this mechanism.
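
The activation-key check described in the answer above, written as an added example that is not the answer author's code: instead of the unspecified `Encrypt` step it uses an RSA signature (a swapped-in technique), so the shipped EXE holds only a public key and decompiling it does not reveal how to issue keys, although the check itself can still be patched out as the answer says. `LicenseDemo`, `IssueKey`, `IsValidKey` and the sample machine IDs are hypothetical, and `RSA.Create(2048)` assumes .NET Framework 4.7.2 or later, or .NET Core.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example; LicenseDemo, IssueKey and IsValidKey are hypothetical names.
public static class LicenseDemo
{
    // Vendor side (the separate key-generator project): sign the machine ID.
    public static string IssueKey(RSA vendorPrivateKey, string machineId)
    {
        byte[] signature = vendorPrivateKey.SignData(
            Encoding.UTF8.GetBytes(machineId),
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        return Convert.ToBase64String(signature);
    }

    // Application side: only the public key is embedded in the shipped EXE.
    public static bool IsValidKey(RSAParameters vendorPublicKey,
                                  string machineId, string activationKey)
    {
        if (string.IsNullOrWhiteSpace(activationKey)) return false;
        byte[] signature;
        try { signature = Convert.FromBase64String(activationKey); }
        catch (FormatException) { return false; } // mistyped or truncated key

        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(vendorPublicKey);
            return rsa.VerifyData(Encoding.UTF8.GetBytes(machineId), signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    public static void Main()
    {
        // Constructed sample IDs; the real application would pass GetId().
        const string machineA = "SAMPLE-CPU-ID-A";
        const string machineB = "SAMPLE-CPU-ID-B";

        using (RSA vendor = RSA.Create(2048)) // private key never leaves the vendor
        {
            RSAParameters publicKey = vendor.ExportParameters(false);
            string keyForA = IssueKey(vendor, machineA);

            Console.WriteLine(IsValidKey(publicKey, machineA, keyForA));     // key on its own machine
            Console.WriteLine(IsValidKey(publicKey, machineB, keyForA));     // same key, other machine
            Console.WriteLine(IsValidKey(publicKey, machineA, "not-a-key")); // malformed input
        }
    }
}
```

In a real deployment the key pair is generated once, the private key stays in the key-generator project, and the exported public parameters are compiled into the application.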
