I have been building a custom membership and role provider for our department and it had to meet all sorts of requirements:
- Minimum of 14 characters for the password
- Minimum of 2 upper case letters
- Minimum of 2 lower case letters
- Minimum of 2 number
- Minimum of 2 special characters (things like ~!@#$%^&*()....)
- The password can't be reused in the past 10 times
- The password will expire every 60 days
- Failed login attempts 3 tries
- Account get's locked after 90 of inactivity
- Ability to log in with Username/Password or with Security Card.
- User can reset their password from a profile page
- User can sync/unsync certificate for Security Card
- User can view and modify their profile
First I had to build the Database to hold Users, Applications, Roles for application, Users rights to Applications and assigned roles in the application. After that it was building the libraries to handle all the interaction between the backend database and the front end which was getting the basic login with UserName/Password to work and after that the basic rules about the password. Then it was on to the User Profile page and the Edit Profile pages adding the change password when a user logs in and from the profile page. The last big task was the security certificate and I gave myself 2 weeks to do this. Initially I had some issue with setting up certs on the web server (1.5 days of work) but once that was done, it really only took me 4 days to do the rest of the coding.
And all of this was done with C# using MVC (Model-View-Controller), EF (Entity Framework), Ajax, and JQuery which are new to me.
And on Thursday afternoon at 3:00 pm I was done with the coding. I still had a complete test cycle to go through to find any new bugs that I had introduced.. but that could be done Friday and next week.
Coincidentally the guys and I had planned on going out to a new micro-brew that had opened near work and so I was now looking forward to a relaxing evening and we even went out for dinner.
This is what has been consuming my brain for the past month. I would go to bed with code swirling around in my head; I woke up early (sometimes at 4 am) and would be in at work by 7am; I would work through lunch and not leave until 6pm. I would have code in my head during the 45+min drive home and then I would email myself the things I had thought of on the drive home hoping that since I had sent myself a note my head would clear.
Friday morning I woke with a sense of calm I had not had for quite a while. It was a great feeling of satisfaction that I had done this all by myself.
Next week I can start the management application for:
- Adding applications
- Add roles for the applications
- Granting access based upon user requests for access to applications
- Assign roles to users for each application
- Reset Accounts (user, roles, applications)