I've been working on FSCAuth some recently. Two new things is password reset. Now, a password can be reset simply by doing
Then, you can mail their new password to them, write it on a sticky note, or attempt to pronounce it. I leave the choice up to you!
Now, the much more awesome thing is I implemented an HTTP Basic Authentication option. So now, instead of requiring your programs communicating with your web-service to parse and populate some login form.. or use some other obscure GET form of authentication(shudder)... you can now use Basic Authentication! It's extremely easy to enable and it's possible(even designed) to use both standard form/cookie authentication and Basic authentication. An example from my newly updated example site:
//in a .ashx handler: Authentication.RequiresLogin(true); context.Response.ContentType="text/plain"; context.Response.Write("successfully logged in as "+Authentication.CurrentUser.Username+" with ashx handler");
Simple as pie. And then, in the configuration section you just have to set what you want your authentication realm to be. So basically, if you use
RequiresLogin(false) it won't send the
WWW-Authenticate headers causing the login popup to appear. If you use
true instead, it will, and you'll login instead via Basic authentication.
What if you like Basic Authentication, even though it has mostly vanished from the dot-com jungles? Well, I support this behavior as well. I've added a new configuration option:
UseBasicAuthByDefault. Set to true, and all naked(no argument)
RequiresLogin() will basically act like
RequiresLogin(true). Simple right?
I'm planning to release 1.1 in a few more weeks. Hopefully I'll get around to implementing more of those "must have" features in my FogBugz sooner than later.