Download to read offline
More Related Content
![[Wroclaw #6] Introduction to desktop browser add-ons](https://cdn.slidesharecdn.com/ss_thumbnails/owaspppt2wz-170531065551-thumbnail.jpg?width=640&height=640&fit=bounds)
![[OPD 2019] Inter-application vulnerabilities](https://cdn.slidesharecdn.com/ss_thumbnails/interapplicationvulnerabilities-mszydlowski-191021171552-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to validation of user credentials in social network by using Django backend authentication
validation of user credentials in social network by using Django backend authentication
- 1. NUR IZZATI SHOLEHAHAZLAN 043772 SUPERVISOR: EN. AHMAD FAISAL AMRI ABIDIN @ BHARUN BACHELOR OF SCIENCE COMPUTER (COMPUTER NETWORK SECURITY) WITH HONORS FINAL YEAR PROJECT1 CSF35104
- 2. VALIDATION OF USER CREDENTIALSIN SOCIAL NETWORK BY USING Title FYP DJANGO BACKEND AUTHENTICATION
- 3. Process Model-Framework01 Data Model-Logicaldata02 Proof of concept03 Solution Complexity04
- 4. Introduction • Authentication backendsprovide an extensible system. Its allow the ability to change the method to checks user credentials. • This project is leveraged Django framework due to it is comes with a user authentication system which consist of backend authentication. • Apply token based authentication in backend authentication .
- 5. Problem statement • Everytime a user is authenticated, the server will need to create a record somewhere on our server. This is usually done in memory and when there are many users authenticating, the overhead on your server increases. Username and password not secure because cookies can be accessed by the server by parsing the Cookie HTTP request header. • Need to hook into another authentication source – another source of usernames and password or authentication methods.
- 6. OBJECTIVE To studyvalidation of user credentials in social network focusing on backend authentication. To configure a Django framework platform for authentication backend server. To integrate token based authentication technique as integral part of Django based authentication backend server. To test Django framework backend authentication in social network.
- 7.
- 8. 1) Install Pythonand Django 2) Configure Django and Django Rest Framework 3) Configure Django framework platform for authentication backend server 4) Integrate token-based authentication technique as integral part of Django based authentication backend server 5) Build an API6) Backend server connect an API and request check credential 9) User got token 7) Social network validates user credential and sent back to backend using API. 8) Django framework Backend server communicate with user
- 9. Social network application If valid credentials Datamodel Request credentials yes Client stores that token and sends it along with every request Start Got token no Backend server Validated from Django.contrib.admin Django.contrib.auth Rest framework End If Server Verifies token yes no
- 10. Proof of concept Djangois Python web framework Pip(Package manage for python) Virtualenv(Provide a dedicated environment for each Django project)
- 11. Proof of concept InstallDjango use pip
- 12. Proof of concept UsePyCharm manage.py • DJANGO_SETTINGS_MODULE
- 13.
- 14. Proof of concept Runthe server manage.py on the project
- 15. Proof of concept Developmentserver is running at
- 16. Django Rest Framework . •Django Rest Framework, one of the most popular python package meant for Django to develop rest api’s and it made things really easier from authentication to responses each everything
- 17. Proof of concept InstallDjango using pip Markdown Django- -filter
- 18. Proof of concept Thencreate a dedicated migration file and migrate ch ange to the project database.
- 19. Proof of concept Createsuper user
- 20.
- 21.
- 22. Proof of concept Checkthe server if have error with the code.
- 23. Proof of concept LoginDjango with the password you set in the server.
- 24.
- 25. Solution Complexity Technique: Token basedauthentication
- 26.
- 27. Reference Felix. (2014, April23). felixthea. Retrieved from Frontend vs Backend: Learn Before Hiring a Freelance Developer: http://felixthea.com/frontend-vs-backend/ justmobiledev. (2017, November 12). justmobiledev. Retrieved from HOME: http://justmobiledev.com/token-based-versus- cookie-based-authentication-methods/ Lee, J. (2017, November 14). makeuseof.com. Retrieved from The Pros and Cons of Two-Factor Authentication Types and Methods: https://www.makeuseof.com/tag/pros-cons-2fa- types-methods/
- 28. Reference Denis, S. (2018,January 10). protectimus.com. Retrieved from The Pros and Cons of Different Two-Factor Authentication Types and Methods: https://www.protectimus.com/blog/two- factor-authentication-types-and-methods/ DigitalOcean. (2011-2018). django-rest-framework.org. Retrieved from Django Rest Framework: https://www.django- rest-framework.org/#installation Django software, f. (2015-2018). Djangoproject. Retrieved from Django: https://docs.djangoproject.com/en/2.1/topics/auth/customizing/
- 29. Reference MICHAEL, C. (n.d.).compukol. Retrieved from Social Media vs Social Networking: https://www.compukol.com/social-media- vs-social-networking/ Samanage. (2014, june 24). samanage.com. Retrieved from What is Multifactor Authentication?: https://blog.samanage.com/it-asset-management/multifactor- authentication-challenges-and-benefits/ Sarita Yardi, N. F. (2008, August 18). Photo Based Authentication using social networks. p. 5.
- 30. Reference Sevilleja, C. (2015,January 21). The Ins and Outs of Token Based Authentication. Retrieved from scotch.io: https://scotch.io/tutorials/the-ins-and-outs-of-token-based- authentication sslayo. (2015, october). I Will Create PHP Scripts That Use Any Web Api. Retrieved from fiverr.com: https://www.fiverr.com/sslayo/create-php-scripts-that-use-any- web-api Steven, H. (23, May 2017). Advantages and Disadvantages of Django. Retrieved from hackernoon.com: https://hackernoon.com/advantages-and-disadvantages-of- django-499b1e20a2c5