Jump to content

authentication system


drtrann
 Share

Recommended Posts

so I've made an application that I hope to distribute, but I'm a little concerned that 1 guy will buy it, and start spreading it across the interwebs so i've started to do some reasearch on authentication systems.

as of right now I have a mysql database setup and have a rough idea of how to properly get it to work, but my major questions are more to do with strategy of implementation.

right now I'm trying to figure out how to properly properly make sure the person isnt just passing the login information with the file (IE close the app if multiple people are logged in with the same creds).

crash/sudden disconnect protection: basically make sure that if somone's computer/program crashes and the disconnect code wasnt able to execute that it doesnt lock out legitimate users.

im sure there are a lot of important things im missing, have never messed with any sort of authentication system and hope to do proper research before I tackle something entirely new

Edited by drtrann
Link to comment
Share on other sites

There are a few scripts around that try to do what you need. One of them is

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

There are a few scripts around that try to do what you need. One of them is

yeah i saw that, my only take away is that xprotec seems overly complicated for what i need. what im thinking is just having it so 2 unique hardware ID's can work under a given username (person's email) if they attempt to login login with a different hardware ID it tosses an error and they cant run the application. this way i wont need to worry about if the program crashed/ open connections/locked accounts.

I know system ID's can be spoofed, but im hoping this will at least deter the copy pasters who wouldnt know/care enough to spoof hardware IDs

now given the above, is there anything glaringly obvious that im missing?

Edited by drtrann
Link to comment
Share on other sites

Have a look at this

My UDFs and Tutorials:

Spoiler

UDFs:
Active Directory (NEW 2022-02-19 - Version 1.6.1.0) - Download - General Help & Support - Example Scripts - Wiki
ExcelChart (2017-07-21 - Version 0.4.0.1) - Download - General Help & Support - Example Scripts
OutlookEX (2021-11-16 - Version 1.7.0.0) - Download - General Help & Support - Example Scripts - Wiki
OutlookEX_GUI (2021-04-13 - Version 1.4.0.0) - Download
Outlook Tools (2019-07-22 - Version 0.6.0.0) - Download - General Help & Support - Wiki
PowerPoint (2021-08-31 - Version 1.5.0.0) - Download - General Help & Support - Example Scripts - Wiki
Task Scheduler (NEW 2022-07-28 - Version 1.6.0.1) - Download - General Help & Support - Wiki

Standard UDFs:
Excel - Example Scripts - Wiki
Word - Wiki

Tutorials:
ADO - Wiki
WebDriver - Wiki

 

Link to comment
Share on other sites

I had the same issue, what I do is use a mysql db for the login details BUT I also do 2 other things, I send the user a test file which gets me the hard drive id number which I tell the script to check, I also put a blank php file on the server, I check the file exists via the script too, that way it will only work on ONE machine, delete the file and it stops working.

Link to comment
Share on other sites

thank you for the hardware ID information.

now comes the actual coding questions.

I need my code to be able to assign the hardware ID's the user's row in the database, but to do that it would need edit access to the database, now im very very very much against hardcoding that in somewhere in the program. is there another way to do this that doesnt put my database at risk. (in that PHP link you gave me water they do this with the PHP file, but there they hardcore in the username/password which would make it even easier to find (they would just have to view the php file)). maybe i just dont understand how PHP works, but hardcoding in the access information for a database seems like a really bad idea

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...