This extension helps you to provide a more modern form of authenticating users on your DNN website. Instead of using the archaic username and password method of logging in, it instead relies on the authentication security provided by the email provider of choice by the end end-user.
When they attempt to log in, they'll be sent an email, where they'll need to copy the code in their email, then paste it into the login form. If the code is correct, then they'll be logged in.
In the interest of keeping things tidy, codes are automatically cleared out as they expire, and after 5 subsequent failed attempts, end-users must wait an hour before they can try again.
How do you say "Easy Security" without saying "easy security?" Oh, never mind. 😎
Sponsors == (typeOf superHuman) Awesome;Yes, it's not real code. It's just supposed to be fun. :P
This solution is created and maintained by Upendo Ventures for the DNN CMS Community. Please consider sponsoring us for this and the many other open-source efforts we do. It's a lot. :)
If you're not a developer, the rest of this README is not going to interest you. 😉
This solution was built using the Upendo DNN Generator.
A Special Note to ALL Developers...
Please do not begin any development until you first read through and understand all of the notes in the README below.
The previous version was not adhering to known best practices and as a result, it was unclear of how to find and maintain it. This version has been cleaned up and restructured with best practice architecture, build, versioning, and deployment in mind.
The solution currently expects to be in the following environment, but you can update that to be any version you'd like, provided all extensions will be compatible:
You should build and develop in a development environment that's separate from the local environment where you'd be testing. The examples below help to illustrate this...
C:\Work\ProjectName\source-code\ C:\Work\ProjectName\website\ The Development Path is where the source code (solution) should be contained. The Staging/Testing Path is where the testing website instance should be restored to and ran from via IIS.
While you can technically do everything from a single path, this model helps to reduce environmental synchronization, duplication, and testing issues. It also often reduces ramp up time between testing scenarios where installations, upgrades, back-ups, and restorations are necessary.
Either way, is up to you.
You should get a backup of the website and database from production, then overwrite those files using this repo. (Optional) It may be a good idea to run a data cleansing script against the database to clear out any sensitive data and/or PII.
There are two possible paths for development, building and testing related to the suggested approach for this solution.
Please Note: It's possible to follow both approaches. This allows the website in your Staging/Testing Path to remain as clean as possible and be a true test before deploying to a true staging environment and/or in production.
When you build the solution or any single project in DEBUG mode, the following occurs:
/website/Bin/ folder. When you build the solution or any single project in RELEASE mode, the following occurs:
/website/Install folder:
Hotcakes-Integration: Contains Hotcakes Commerce viewsets. (This is an non-standard folder that DNN is unaware of.) Library: Contains class libraries (DLL's). Module: Contains custom modules and skin objects. Skin: Contains theme packages. When there are DLL's involved, there are two packages created, Install and Symbols. The respective work will be seen at the end of the respective file name.
Special Developer Note
If you don't remember to uninstall the symbols package, it could result in upgrade and/or troubleshooting issues in the future.
Steps 1 through 8 are considered to be more for set-up, while the remaining steps are for ongoing development.
db_owner permissions. PortalAlias table to add your new website domain name and make sure it's marked as the "Primary" domain name for the respective PortalID. /website folder (create the /website folder in the root, if necessary) /website folder(s). Website\DesktopModules folder (for modules, and other areas for other extensions, such as \Bin for Libraries) Install\ExtensionType folder (e.g., Skins, Modules, Libraries, etc.) Here is an explanation of each of the top-level folders found in the solution. These folders are also reflected the same way when viewed in Visual Studio, when necessary.
There is a packages that may be created as a result of building the solution or a project. This is created by Nuget and is not part of this solution architecture.
When an extension is new to the solution, there may be an extra bit of setup required.
Alternatively, you can build the solution in RELEASE mode and install that package into the website. Then build the solution/project again in DEBUG mode.
In order to debug the code, you'll need to follow the steps below:
<compilation debug="true" strict="false" optimizeCompilations="true"> <Ctrl>+<Alt>+<P>). w3wp.exe in the list and click the Attach button. Any references that can't or shouldn't be managed by Nuget are managed by the SolutionReferences.targets file in the Build folder. This central file allows you to update the references in a single place, for all projects.
If you're adding/editing references that come from DNN (or from the References folder), DO NOT use the Visual Studio IDE to do this. It will result in long-term management issues for the solution. Instead, you should view any of the .csproj files in a separate text editor to see how to properly add a reference. It's not possible to add it correctly in the Visual Studio IDE.
When necessary, first add the new references to the correct references folder/path, and then update the SolutionReferences.targets file.
Include the following line in the .csproj file, just before the references section (if necessary).
<Import Project="..\..\Build\SolutionReferences.targets" Condition="false" />Please Note: It's currently required for you to manually update the version numbers in the .csproj file when working with any Library type project as well. Please see Issue #17 for more details and to potentially help fix this. :)
Next, add the appropriate reference, per the targets file. Here are examples for DNN, and Hotcakes Commerce.
<ItemGroup>
<Reference Include="DotNetNuke">
<SpecificVersion>False</SpecificVersion>
<HintPath>$(DnnReferencePath)\DotNetNuke.dll</HintPath>
<Private>False</Private>
</Reference>
<Reference Include="Hotcakes.Commerce">
<SpecificVersion>False</SpecificVersion>
<HintPath>$(HccReferencePath)\Hotcakes.Commerce.dll</HintPath>
<Private>False</Private>
</Reference>
</ItemGroup>Note the use of SpecificVersion and Private above. These are very important to ensuring consistent builds and packages.
If you reference a DLL in the references folder directly, simply edit the .csproj file afterward to follow the pattern outlined above.
It may be noticed that this solution and it's architecture are both complicated and elegant at the same time. A beginning developer may feel overwhelmed at first, but this solution greatly simplifies all development. This is especially important and true due to how tightly integrated and dependant all of the projects and code is.
As such, this solution would function best when used with a Git-based source control product, such as Git, GitHub, and BitBucket. There are many workflows that could be used for this solution as it relates to the interaction with Git. For developers that are new to Git and its potential workflows, a workflow known as "centralized workflow" may be tempting, because it is how solo developers and SVN/TFS has been used in the past. When using Git, this is generally a mistake since it ignores all of the features Git offers.
It is highly recommended that a Gitflow Workflow workflow is used and followed. This empowers all developers that may be involved to work at the same time, independently, regardless of location, focus, and feature/issue they're working on. Initially, some developers will feel this simply over-complicates the development process, but the moment something "bad" happens during a development cycle, this process will very clearly highlight itself as having saved the day. This approach also ensures that one or more PM's are able to see and know the state of the code base, pending updates, and more because they're at all times seeing branches in a logical pattern and reviewing pull requests to the primary/release branches.
The primary branches that are present and used may change over time. Those potential branches are defined below. There are no strict requirements, except as defined as the project/product manager assigned to this solution. Naming conventions such as those listed below are very important to ensure the productivity of all parties involved during development, so that everyone can easily understand the purpose of various branches and their contained code/updates.
Master) branch should always be present and used, regardless of the way Git is leveraged. This branch is always expected to only contain tested and unbroken code at all times. At no time should code be committed to this branch without first being verified to be tested and unbroken. Pull requests into this branch would often only come from the development branch. Issues\Issue-12345 and Issues\email-template-routing.Features\Issue-12345 and Features\salesforce-integration.Tasks\Issue-12345 and Tasks\03.02.01-packaging. Releases\03.02.01. The code that is included in this branch would come only from the master branch, and this branch would be created directly prior to pushing the updates into production from a staging/UAT environment. This solution and the related materials are proudly created and provided by Upendo Ventures.