Distributed Systems Project.
Project overview and inspiration.
This project is part of the distributed systems coursework. The goal of the project is to create a server-client communication application using the following technologies:
- C#.
- ASP.NET.
- Entity Framework.
- Web API.
- Cryptography.
Features.
User Creation.
There were two types of users which were usable with the server and client. These were the Admin and User user types. Requests were sent to the server using GET and POST requests to check if any user was within the database or not. The first user to log on to the server will be automatically assigned an Admin user-type. Moreover, if another user logins after the first user, will be automatically assigned a "User" user-type.
Database Structure.
The structure of the database was developed using Entity Framework while utilising the code-first aspect to design the database. Each User including the Admin has a collection of entries stored separately in another table on the database. All user log entries are saved on the same table, and each log entry has a unique ID and is attached to its respective user.
Encryption.
On user signup to the server, the user has the option to encrypt and send their data using either SHA1 or SHA256 encryption. However, the user must first obtain a Public Key which is requested by the client and is derived from the server. Without the public Key, encryption will not be successful. The user also has the option to verify and sign messages sent from the client. Verification is done so that the client can confirm that messages sent was signed and verified by the server and not by an unknown entity. If the case was the latter, the client will indicate to the user that the message was not successfully signed.
User Authorization.
Some of the server's resources are inaccessible to regular users. One of the features implemented was that only a user with Admin privileges could change another user's role or delete a user. This was implemented through a Middleware. In which, the middleware checks the validity of a request and confirms if the user sending the request has the authority to make the server carry out a specific request.
Server Design.
The type of server designed for the project was a stateless server. A stateless server is a server which does not save client information between requests, and the client is continuously authorized by the server. The client also has to keep sending over the necessary credentials for the server to carry out a particular task given by the client.
Tools Used.
- C# code base.
- ASP.NET.
- RESTful services.
- Microsoft Cryptography.
- Threading Tasks(C# Library).
- ASP.NET core MVC.