Build a secure authenticated RESTful Web API

$30-250 USD

已关闭

已发布

超过 9 年前

$30-250 USD

货到付款

Introduction: I need a secure Web API for an application I'm building. I don't know much about security, but I need some best practice authentication. Probably HMAC, unless you can convince me of something better. The consumer of this API will ultimately be a mobile application that sends messages to be stored by the API. To give you an example of functionality, think of a "todo" mobile app that stores the items on the server. The user can then retrieve their items later by date range. The mobile application is NOT in scope of this task, but I thought I'd mention it as you might need to take this into consideration when building the solution. Web API must have the following: - Signup with Email, Name and Password - Authenticate/Login using Email and Password - Send message - locked down to the logged-in user - Get messages by date range for user - locked down to the logged-in user Note: You are not required implement the functionality of storing data for signup and messages. I can do that myself. You only need to provide the authenticated API endpoint. You should just mock the response with some hardcoded test data. I will wire up the API to my own services. To show the API working, I also need a 1 page application (Webforms or MVC) which does a web request to the API, and prints the result. Acceptance Criteria: - Web API application in a C# Visual Studio 2013 solution - Authenticated API uses Public-Private key cryptography - NOT just shared key! - Web API controller with action for: Signup with Email, Name and Password - Web API controller with action for: Authenticate/Login with Name and Password - Web API controller with action for: Send message - locked down to the logged-in user - Web API controller with action for: Get messages date range - locked down to the logged-in user - A single page application which does a web request to the API using REST Sharp [login to view URL] - Sql Server database for storing authentication tokens - Ability to regenerate encryption keys you have created. This may be added to the single page application (mentioned above). Code requirements: - Only use trusted open source libraries available on nuget - Code must be understandable to a mid-weight developer - Code must be concise - short is sweet, unless it is hard to understand - Code must be elegantly written - not hacky - Code must be Unit tested - preferably using NUnit and Moq - Visual studio solution must build and run

Software Architecture

项目 ID: 6861052

关于此项目

17提案

远程项目

活跃9 年前

想赚点钱吗？

电子邮箱地址

在Freelancer上竞价的好处

设定您的预算和时间范围

为您的工作获得报酬

简要概述您的提案

免费注册和竞标工作

17威客以平均价$307 USD来参与此工作竞价

@ambar

Pls dont award before discussing I got your main concern that you want to create a secure authentication API and for this I will suggest to go with Outh2. So, first I want to give you some brief that why I am suggesting you for Outh, please find below: OAuth is an open standard to authorization. OAuth provides client applications a 'secure delegated access' to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials. Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party clients by an authorization server, with the approval of the resource owner, or end-user. The client then uses the access token to access the protected resources hosted by the resource server. The below link will give you some light that what I want to state to you. http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api Now, you want that we will develop only the endpoint for the service and we don't need to connect with the database but I am expecting some specification from you because all the details is necessary to make an application more secure. 1. Can you please specify what kind of message API will send in response to the device. Is this will consist a huge data? 2. I am assuming that there we will develop three methods for the API Registration, login and GetMessage (by

$315 USD 在7天之内

5.0

(150条评论)

8.7

@sherifamgadnabih

i am a senior software engineer and responsible for creating a web and desktop applications using different languages and technologies if u r interested just send me a message thank you and good luck

$250 USD 在5天之内

4.8

(151条评论)

7.0

@prashushinde9

Hi, I (Myself a senior PHP, ASP.NET programmer using C# and VB) have a team having experience of more than 10 years in developing web and mobile applications. I have a team of expert programmers who write robust and bug-free codes at the very first instance. After seeing our quality of work and the cooperation offered to you even after the work has been delivered to you, you’ll come to us again and again to avail our services. I read through the job details extremely carefully and I am absolutely sure that I can do the project very well. I can achieve the results that you are asking for within your timeframe and budget. I am confident I can exceed your expectations and I would love to work on your project. Thanks, Priyanka

$268 USD 在8天之内

4.7

(22条评论)

6.2

@murtaza1981

Hi, Please feel free to discuss the project with me ............................................................................ Thanks, Murtaza

$250 USD 在3天之内

5.0

(12条评论)

4.7

@acronymsolutions

Hi, I have gone through your requirements, I am a Database Administrator at CMMI-5 Level company since August 2004. I have a well experienced team. One thing I can assure you that if we do this you will get a quality product on time. Let me know when we can discuss on it. you can see my feedback as well.

$242 USD 在7天之内

3.9

(24条评论)

5.5

@TAHKuCT

Предложение еще не подано

$250 USD 在4天之内

5.0

(6条评论)

3.0

@BlackmarkTech

Complete Projects ...............................................................................................................................................................................................

$222 USD 在3天之内

5.0

(4条评论)

2.3

@vaishalijain

A proposal has not yet been provided

$155 USD 在3天之内

4.8

(3条评论)

2.2

@ciphe

I have MS in Information Security with research interest of Cryptography. I have implemented Cryptography algorithms in Java and C, written security solutions in J2EE and Java, have implemented datastructures in Java, and built two websites for research / proof-of-concept purposes. Additionally, ~2 years of IT experience. I have taken Graduate level courses in Cryptography and Security that dealt with analysis of Cryptographic protocols, my Masters level project involved design of a Cryptographic protocol for a specific authentication problem in three-party settings. I have executed a number of projects that focussed almost entirely / heavily on Cryptography. I have also written Cryptographically signed Java applet for a J2EE application. Details about projects executed available on request. You might want to go through reviews project creators left for me on freelancer.com, see https://www.freelancer.com/u/ciphe.html.

$947 USD 在10天之内

5.0

(1条评论)

1.2

@Sewerrat

Đề xuất vẫn chưa được gửi

$555 USD 在3天之内

5.0

(1条评论)

0.4

@imranpk

A proposal has not yet been provided

$222 USD 在3天之内

0.0

(1条评论)

0.0

@bhargavdhaduk

hi I am working with more than 20 api for travel industry. if I m eligible than prompt by mail and also I have 2 years experience with this projects

$500 USD 在2天之内

0.0

(0条评论)

0.0

@vijaysrnid

I am a software engineer with 10 years of experience. I will be able to help you create an secure web service using HMAC. What kind of clients are you targeting? I will be able to provide a better solution after a brief discussion. Please contact me further details.

$150 USD 在3天之内