Hello world!

Welcome to WordPress. This is your first post. Edit or delete it, then start writing!

Posted in Uncategorized | Leave a comment

How to save DataSet in an XML file?

This article explains how to save DataSet in a file.

Level: Beginner, Requirements: C# Basics

Before I tell you how to save a dataset in a file, I like to explain what is a DataSet and how it is created in Visual Studio 2017 Community Edition. If you want to skip to saving DataSet to an XML file then CLICK HERE.

What is a DataSet in .NET Framework?

Generally speaking, a DataSet is a collection of data. In .NET a DataSet organizes data in form of DataTables. These DataTables contains rows and columns which provides a defined order for storing the data. For more details on DataSet, read this article: https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/dataset-datatable-dataview/

How to create and add DataSet to your project in Visual Studio 2017 Community Edition?[ps2id id=’createdataset’ target=”/]

To create DataSet in Visual Studio 2017 Community Edition follow these steps:

  1. Right-click your project name (not solution name) in Solution Explorer.
  2. Select Add > New Item… Following window will popup:
    Adding DataSet to Project in Visual Studio
  3. From the left panel in this Window, select Data and then from the middle panel select DataSet.
  4. In the text box at the bottom of this Window type a name for your DataSet and click Add.
    Now, your DataSet is created.  It’s time to add some DataTables to it.
  5. Double click your DataSet in solution explorer. You will see DataSet Designer opened in front of you.
  6. Now right click somewhere in the designer and click Add > DataTable
  7. Click table title which is default DataTable1. And give this table a name.
  8. Now press CTRL+L while the DataTable is selected.
  9. This will add a column. Right-click the column and select Properties.
    This will open properties for that column as shown below:
    DataTable DataColumn Properties
  10. Now using this you can change the data type, name, and various other column properties. Add more columns to your DataTable using steps from 8 to 9. And add more DataTable to this DataSet using steps 6 to 7.
  11. Now it’s time to add some data to this DataSet. You can do this in many ways. Such as binding your DataSet to a database or adding rows using business logic code (C# in this case).
  12. For this article, I will only cover adding rows using C# code. Following is how you can do it:

    [csharp]
    DataSet1 dt = new DataSet1(); //Create an object for your DataSet. ‘DataSet1’ is the name of the DataSet.
    dt.Tables["Table Name Here"].Rows.Add("value for column 1 ", "value for column 2",…and so on);  //Adding rows to the DataTable.
    [/csharp]

Save DataSet into an XML file [ps2id id=’savedataset’ target=”/]

There are many ways to save DataSet in a file. For example, the first thing that comes to the mind of a beginner in this is to traverse each and every row of each and every DataTable of the DataSet and save the data one-by-one in a file. But that will decrease the performance especially when you have large data in the DataSet.

So, instead of traversing each and every row, we can use a method: DataSet.WriteXml

This method will write the DataSet’s data and the schema in a XML file. Following code sample shows how to use this method:

[csharp]
DataSet1.WriteXml("FileName.XML");
[/csharp]

where FileName.XML is the file where you want to store your DataSet and DataSet1 is the object of the DataSet that we created earlier.

Now to read this file, we have another method: DataSet.ReadXml

This method reads the XML file containing the DataSet XML and parses it to the DataSet. Following code sample shows how to use this method:

[csharp]
DataSet1.ReadXml("FileName.XML");
[/csharp]

where FileName.XML is the file where you saved your DataSet data and DataSet1 is the object of the DataSet that we created earlier.

Conclusion

Saving the DataSet to an XML file and retreiving it back in the DataSet object can be done using just one line of code instead of traversing the DataSet using loops or any other method. But the main object of this article was not just to teach you how to save DataSet but also tell you the basics of how a DataSet works?

If you still have some queries or facing any issue, leave a comment and I will help you implement this in your application.

See you in next post.

Code Awesomely.. bye. 🙂

 

Posted in C# | Tagged , , , , , , , | Leave a comment

Very Simple Token Based Authentication in WCF

Level: Intermediate; Requirements: Must have some experience in C# and WCF Services

Suppose you have a database hosted on a server and you developed a Windows Desktop application or a mobile app that connects to that database using a connection string. Now, whenever you want to send something to that database from that application, you need to send the server address, username, and password of the database (which is in the connection string). This exposes the database to the end-user. Anyone can decompile the application executable file and extract the connection string.

So, how can we avoid this BIGGG security problem? Well, the answer is very simple, Web Services. The application will call the web-service which stores the connection string on the server and then web-service will request the data from the database and returns it to the client application.

But now the web-service is exposed on the Internet. Anyone can call the service using its URL and then access the database. So, how we can avoid it? There are many methods for this, but in this article, I will explain how to implement a very basic Token Based method of authentication? But first I will briefly explain the framework in which I will create our web-service, which is Windows Communication Foundation framework or WCF in short.

What is WCF?

WCF (Windows Communication Foundation) is a unified programming model for building service-oriented applications. It is a highly customizable web-service framework. It provides many options to change the behavior of your web-service the way you want. WCF service comes with many inbuilt authentication mechanisms that I will not cover in this article. Instead, I will implement my own very simple authentication system. The code can be used in production but this code is just for learning purposes and is very basic.

Token Based Authentication

Now even after deploying our database code inside a web-service, our database is still not secured. The reason is that the access to the web-service is still open to anyone who has the URL to the web-service. So, this can be solved using a very simple method known as Token Based Authentication.

Token Based Authentication works like this:

  1. The client application sends username and password to the web-service.
  2. The web-service checks if the username and password combination is correct.
  3. If correct then it generates a token which is nothing but a random unique string (or a hash) and sends it to the client.
  4. Now whenever the client wants to consume a web-service function, it must send the token with its request.
  5. The web-service checks if the token matches any tokens in the database that are not expired. If the match is found then it allows the request otherwise raises an unauthorized access error.

So, now let’s code these steps.

Note: For storing the authentication information, I will recommend you to use a seperate database instead of mixing it with the other user data.

I will not go into steps of creating a WCF service. But don’t worry if you don’t know I will explain it in one of the future posts. Also, to save authentication information I am using DataSet and saving it to a local XML file. I will not explain how to save DataSet in an XML file? But if you want to learn it then go to following link: http://www.aishwaryashiva.com/how-to-save-dataset-in-an-xml-file/

Creating Web-Service Methods

Now let’s create some methods at the web-service end. The first method is the one that will accept the username and password and generates a unique string that will act as a token.

Read the comments in front and above of each code statement to understand what it does.

[csharp]
public string GetToken(string username, string password)
{
bool IsLoginValid = //check here if the username and password combination exists in the database
if (IsLoginValid)
{
var token = Guid.NewGuid().ToString(); //If username and password combination found in the database then generate a token.
bool dbExists = LocalDataAccess.Reload(); //This just checks if the local database(the dataset saved in a file) exists. The details of the method are in "How to save dataset in an XML file?" article.
bool rowFound = false; //This checks if token for particular username already exists in the DataSet
if (dbExists)
{
//Checking if the DataSet has tables, table with the name ‘Sessions’ and table ‘Sessions has rows
if (LocalDataAccess.LocalDB.Tables.Count > 0 && LocalDataAccess.LocalDB.Tables["Sessions"] != null && LocalDataAccess.LocalDB.Tables["Sessions"].Rows.Count > 0)
{
//Traverse each row of the database table ‘Sessions’
foreach (DataRow dr in LocalDataAccess.LocalDB.Tables["Sessions"].Rows)
{
//Check if the username already exists. This is just to avoid multiple token entries for single user.
if (dr["Username"].ToString().Equals(username))
{
dr["Token"] = token; //if username found then update its token
dr["ExpiryDateTime"] = DateTime.Now.AddHours(12); //And set the token expiry time.
rowFound = true;
}
}
}
}
if (rowFound == false) //If row for the username not found in the database
{
//then add the username, token and token expiry date in the database.
LocalDataAccess.LocalDB.Tables["Sessions"].Rows.Add(username, DateTime.Now.AddHours(12), token);
}
//Save the database to the file system
LocalDataAccess.Update();

//Reload the database with updated values.
LocalDataAccess.Reload();

//return the token to the client so that it can use to make web-service requests.
return token;
}
else
return null; //when username and password doesn’t match.
}
[/csharp]

So, now we have a method that will do four tasks: check for valid login, generate a token, save token in the local database and send it the client.
Now, we will create a method that will check the validity of the token whenever the client wants to execute a web-service method. For this, we need to pass the token and the username with the method.

Suppose, we have a method:

[csharp]
void AddEmployee(string EmployeeName, string username, string token)
{
AuthToken(username, token); //This method will check if username and token combination exists, and sets the connection string for database access.
…… // add your database code here.
}
[/csharp]

This is some example method that allows a client to add employee information in the database. But to do that, it will need to connect to the database using a connection string.
Let’s suppose we take a variable:

[csharp]
string connectionString = "";
[/csharp]

Declare this private variable in the class where your database methods are or wherever you feel good. This variable will be assigned by method AuthToken() like this:

[csharp]
public void AuthToken(string username, Guid token)
{
//Reloading data from filesystem to the DataSet
LocalDataAccess.Reload();

//Get the row that contains username and token combination
DataRow dr = LocalDataAccess.LocalDB.Tables["Sessions"].Select("[Username]=’" + username + "’ AND [Token]=’" + token + "’").FirstOrDefault();

if (dr != null)
{
//This checks if the token is expired or not
if (DateTime.Now < DateTime.Parse(dr["ExpiryDateTime"].ToString()))
//If token is not expired then set the connection string from the web.config file.
connectionString = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
}
}
[/csharp]

So now whenever the client wants to call a database method on the web-serivce, it needs to pass username and token to the database method. And before using the connection string, you must call the AuthToken() method.

Conclusion

This was a very simple token based authentication using C# and WCF services. The objective of this article was to show you how a basic token authentication works. You can research more on the web to learn more advanced tactics that can be used to implement a highly secure token based authentication.

So that’s all for now. I hope you get the basic idea on how to implement token based authentication in your application. If you still have some queries or facing any issue, leave a comment and I will help you implement this in your application.

See you in next post.

Code Awesomely.. bye. 🙂

Posted in Windows Communication Foundation (WCF) | Tagged , , , | 2 Comments