• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 669
  • Last Modified:

A typical User class

I would like to create a User Object that is able to login to a site, and administer (add, delete, update) the user account.

What are the typical Properties and Methods (attributes and operations) that would make-up such an object? This is a web application.

There are many different ways one could do this, but what would be a good OOP approach?
0
IntelligentResponse
Asked:
IntelligentResponse
  • 3
  • 3
  • 2
4 Solutions
 
Alan WarrenCommented:
Hi IntelligentResponse,

Curious why you would want to re-invent the wheel, the Membership Class provider for .net is a hell of membership provider; and the price is right too.

Alan
0
 
quizwedgeCommented:
You might want to consider using Microsoft's Membership since it will securely store credentials and offers, from what I remember, lots of fields: http://msdn.microsoft.com/en-us/library/yh26yfzy(v=vs.100).aspx

If you're set on building your own, it certainly wouldn't hurt to look at the classes they use: http://msdn.microsoft.com/en-us/library/2d449f1x(v=vs.100)

The big thing to remember when creating a user class is to save the password as a salted hash. I haven't read the whole article, but from what I skimmed, this seemed to be a good article on using salted hashes: http://crackstation.net/hashing-security.htm
0
 
IntelligentResponseAuthor Commented:
Probably a bit too much, just want the very basics. How does it deal with a User that is not a member, and still needs to register?
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Alan WarrenCommented:
If a user attempts to access a restricted page, the .net membership server redirects the user to the login page, at which point they can either login or sign up.

Alan
0
 
IntelligentResponseAuthor Commented:
So here's what I have, based on what I read from a few books.

An object usually has data (properties) that relate directly to itself, and methods that assume responsibility for itself.

User Class

Properties:
FirstName
LastName
EmailAddress
UserName
Password

Methods:
CreateUser
DeleteUser
UpdateUser
GetUser
GetAllUsers

Is this what a typical User Class should look like, or am I including something that should be in another class?
0
 
Alan WarrenCommented:
You might want to include a UniqueID property "UserID", that would give you a handle to pass to your methods (DeleteUser, UpdateUser and GetUser), would also make a great returnvalue for your method (Createuser).

A lockUser method may be handy too, could invoke after a designated number of invalid login attempts, in which case you may want an UnlockUser method too, but you could possibly cater for this in your updateuser method.

Password recovery is always an issue, in which case you may need some secret question and answer stuff.

Users also tend to want to change their email addresses, which would need validating, but I guess you could cater for that in your updateUser method.

Are you planning on storing passwords as plain text?
Are you planning on determining user activity, online/offline?


Alan
0
 
quizwedgeCommented:
Just make sure when you're storing those passwords you're storing them as a salted hash. See my comment above.
0
 
IntelligentResponseAuthor Commented:
I also accepted my own comment because understanding the concept of what an object should be allows one to go further than preexisting examples, however, having real-life examples (Microsoft's Membership Class) allows one to see how the experts do it, though they tend to be geared mainly towards the advanced corporate environment, and for the most part my needs are at the basic to intermediate level.

Alan:
In response to your 2 questions, the passwords will be stored in SQL Server, and it is likely that I will need to determine user activity online.
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

  • 3
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now