0

I'm wondering if someone can point me in the direction of some online resource for the following problem, I've tried to search for terms but not getting any hits.

I'm wondering how to create a C# forms application, that will connect to a database (SQL/Azure(Maybe) but I want the users to be able to register themselves. Therefore the application surely will need some sort of "Embedded" login for the users to be able to register.

I know in the web app variant, the app.config file is protected and ideal for holding connection strings and the like but i'm unaware of anything like this for form type applications.

Things I thought may work...

1, Create an DB account with limited functionality (This would be the embedded login/user) that has access to the "create user" proc only. Then once registered the user has to authenticate again for the app for effectively work.

2, Embed a single user account in the app which acts as the only connection between app and database all the time and create a user table, which the user adds too. Then design a privilege system within the database and the associated user. Similar to the web.app approach.

Finally, if the links or help doesn't cover it. Would it be better to create Logins/Users (which could get very large) or create fewer logins/user and manage it through a table/privelge system within the database?

Thanks

Tony
  • 3
  • 3
  • 2
    You could encrypt the app.config similarly to a web.config as detailed [here](https://stackoverflow.com/questions/5803188/encrypting-connectionstrings-section-utility-for-app-config). Consider a service layer instead of connecting directly to the database from the WinForm app with option #2. – Dan Guzman Aug 30 '20 at 11:54
  • Will this application be running on a public windows machine or will the users log in to windows with their own accounts? Also consider using a Asp.Net built in functionality for registration as it already covers a lot of the work and then only use a login screen to log into the application. Consider adding different layers to the app like UI - WebApi - Data. – CobyC Aug 30 '20 at 12:29
  • I envisaged an application (winform) connecting to a azure (cloud) database. I was aware this might expose the Azure endpoint within the application but I was curious if this was accepted / done and how one would go about it, – Tony Sep 01 '20 at 11:14

1 Answers1

0

Personally I would take advantage of the asp.net built in registration process.

Design the app with multiple layers.

  • UI (winForm) The main app with login form only.
  • UI (Web) for registration purposes only.
  • WebApi for access to data etc..
  • Data for access to your data, EF, Nhibernate, SQL etc..

This tutorial from Microsoft shows how to build the registration pages that includes registration and confirmation email process, password resets etc..

Then in the WinForms application you only need a login screen, as shown in this tutorial

It might sound like more work, but you really win a lot using the provided web functionality, for example if you need to download the WinForms app from a website you can have a user register first before downloading the app.

CobyC
  • 2,058
  • 1
  • 18
  • 24
  • Thanks for your suggestion. My application could in theory be built in asp.net so this would be the accepted answer. I was more curious for those not able/wanting to use a webserver and go straight from the client to a database. – Tony Sep 01 '20 at 11:11