Info
Version: | 1.0.0 |
Author(s): | Sven Erik Matzen |
Last Update: | Saturday, January 11, 2014 |
.NET Fiddle: | Create the first Fiddle |
Project Url: | https://semauthentication.codeplex.com/ |
NuGet Url: | https://www.nuget.org/packages/Sem.Authentication |
Install
Install-Package Sem.Authentication
dotnet add package Sem.Authentication
paket add Sem.Authentication
Sem.Authentication Download (Unzip the "nupkg" after downloading)
Dependencies
- YubicoDotNetClient(1.0.0.0)
Tags
The purpose of this project is to provide tools for an MVC application developer to ease some tasks in the field of authentication and authorization.
What problems does it solve?
In web applications you face issues like getting a 2nd factor of authentication for specific actions or preventing the usage of attack tools like havij.
This library provides you with easy to use ASP.Net MVC attributes to handle such challenges.
Current feature list:
Attribute based additional authentication factor for MVC controller actions
The attribute "YubikeyCheck" validates a YubiKey (http://www.yubico.com/) token string and redirects to a specific page if the token is not valid (list of users that are allowed to authenticate via YubiKey can be configured inside an XML file). If you have a different 2nd factor, you can inherit from an abstract base class “AuthenticationCheck” that does provide some of the “infrastructure” for such a check.
Attribute based throttling of requests from one client
The attribute "MinimumRequestTimeDistance" allows to set a minimum of time between two requests from a single client for a specific controller action.
With the attribute "FastRequestsProtection" you can specify how many requests per second can be issued from one client (this allows the client to issue "n" requests simultaneously, but then the client has to wait). Both attributes will lower the effectiveness of automated attack tools that mostly rely on a mass of requests issued in short time.