Skip to content

Latest commit

 

History

History
81 lines (69 loc) · 4.3 KB

README.md

File metadata and controls

81 lines (69 loc) · 4.3 KB

DEPRECATED

This project has been deprecated in favour of moving to a SPA architecture, starting with TemplateV3.Angular

Template.Razor V2 Build Status

Intended for building small self-contained business applications, this template strives to be fast, secure and easy to understand.

Demo (broken link, will fix soon)

Test User

U: admin P: 123456

Features

  • User profile
  • Activity Log
  • Admin section
  • User Journeys (Sessions)

Architecture

  • Built with Razor Pages
  • N-tier application with a focus on seperation of concerns
  • Uses MVC 6 with the latest version of Visual Studio 2019 and ASP.NET 5
  • UI validation is shared with backend validation (client-side can only perform basic rules)
  • C# 8.0 Nullable References are enabled (.NET Standard 2.1)

Database

  • It is recommended to use SQL Server so that you can utilise the database project included
  • Database project targets Microsoft SQL Server 2019 and uses the micro ORM Dapper
  • This project ONLY uses stored procedures to perform database querys
  • Initial roll out script V1.sql is included and contains seed data
  • Tables contain a soft-delete metadata column Is_Deleted to allow foreign key integrity
  • Stored procedures are used to perform CRUD-like operations on the database
  • Connecting to a MySQL database is supported

Backend

  • Business logic is contained within the Services layer
    • Services handle page request-response business logic
    • Managers handle independent logic (caching, authentication, session etc)

UI

  • SB Admin 2
  • JQuery
  • JQuery DataTables
  • Bootstrap 4
  • SASS
  • Custom tag helpers
    • Authorization attribute (AuthorizationTagHelper.cs)
    • Back button (BackButtonTagHelper.cs)
    • MultiCheckbox (MultiCheckboxTagHelper.cs)
    • MultiSelect dropdown (MultiSelectTagHelper.cs)
    • Not authenticated attribute (NotAuthenticatedTagHelper.cs)

Security

  • Cookie authentication using authorization with permissions
    • Session / authentication cookies are not stored on the user's machine
  • Passwords are hashed using BCrypt
  • Users are locked out after a configurable amount of invalid attempts
  • Idle sessions are automatically logged out

Sessions

  • Custom session logging implementation which is recorded to the database
  • Sessions can be viewed in detail on the Sessions admin page
  • Session logs are recorded for each GET and POST request and includes form data
  • Form data properties can be obfuscated to ****** if the data is sensitive (passwords)
  • Session log events are high level actions that users may perform and may be useful for tracking / auditing user behavior

Users, Roles, Permissions

  • Users can register, login, update their profile and password.
  • Users can perform forgot password requests and reset their password via an email containing an activation link
  • Roles are a grouping of permissions assigned to users
  • Permissions are access rights assigned to roles allowing access to otherwise restricted areas of the application

Configuration

  • Configuration items are used to control various aspects of the application ranging from features to core settings
  • Stored as strong MSSQL types (boolean, datetime, date, time, decimal (18 before, 2 after), int, money, string)

Admin

  • Users can be created, updated, assigned roles, enabled and disabled
  • Roles can be created, updated, assigned permissions, enabled and disabled
  • Permissions can be created and updated
  • Configuration items can be created and updated
  • Session log events can be created and updated