Adding Customer Accounts

Summary

In this chapter, you’ve implemented a customer account system that customers can use to store their details for use during order processing. You’ve looked at many aspects of the customer account system, including encrypting sensitive data, and securing web connections for obtaining it.

You started by creating a set of classes in a new namespace called SecurityLib for hashing and encrypting strings, and a secure credit card representation that makes it easy to exchange credit card details between the encrypted and decrypted format.

After this, you implemented a customer login scheme using a new user role called Customers. This required some, but not many modifications to the existing Forms Authentication scheme, as well as the addition of a registration page. You also added customer details functionality using the ASP.NET Membership controls and the SecurityLib namespace and classes. After all this was implemented, you prepared the way for a new order process with a new checkout page.

Finally, we looked at how to secure data passing over the Internet using secure SSL connections. This involved obtaining and installing a certificate from a known certification authority (VeriSign, for example), restricting access to SSL where appropriate, and modifying the redirection code slightly to use SSL connections.

In the next chapter, we’ll look at how to create the framework for the order-processing pipeline, enabling you to automate even more of the supply process.