Reputation:
Store user privileges - the smart way
I'm doing an app that should be for multi-user. currently I have a file that stores username + md5 password hash (with username as salt)
Now I app should be enhanced so that different user can have different privileges. How would you store them the smart way so that nobody can change them but that it's still good to handle for me?
I'm using C#
Upvotes: 0
Views: 310
Answers (2)
Reputation: 22994
I think it's better to use database engine to mange this operation(the easiest way), however if you don't prefer to use database, you can use the same file and add keys to make the privileges like the following:
wael rwx
ahmad rw
K x
from those lines you can see that wael have read, write, execute permissions now in your application you will read the permission and allow/disallow the use.
Upvotes: 1
Reputation: 55072
You seem to be a beginner. For you I may recommend looking at the ASP.NET Membership provider.
But as a side note, please never use MD5. It's not required, and is broken, so it's best to avoid having to justify a reason to using it when there are other perfectly acceptable non-broken hashes.
Upvotes: 0
Related Questions
- C# WinForms User/Permission management
- Exclusive Access Per User
- What datatype to use to store user permissions
- Storing user permissions in a table
- What is the best way to to store user specific data in C#?
- Security: Handle Multiple User Rights
- Best way to implement multiple roles and permissions in c# web app?
- What is the recommended way to handle different user roles in a C# application?
- Patterns / design suggestions for permission handling
- Storing user access level in a database