Beefy Boxes and Bandwidth Generously Provided by pair Networks
Pathologically Eclectic Rubbish Lister
 
PerlMonks  

Re^3: basic login

by mr_mischief (Monsignor)
on Apr 14, 2017 at 19:37 UTC ( #1187958=note: print w/replies, xml ) Need Help??


in reply to Re^2: basic login
in thread basic login

Despite this being a Perl site, many of us are familiar as well with other languages including PHP. In PHP sessions are used for tracking logins from one page to the next. It can involve a database or it can be in the filesystem. It can also be in a keystore like memcached. All of those are also possible in Perl.

Now it's possible to set a cookie and honor that cookie without tracking the session on the server side. That's actually quite simple to do. If you're not tracking it on the server side, though, you don't know if the cookie is forged. That is, unless you cryptographically sign a data structure on the server that includes a session ID, user ID, expiration, and such; then make sure the ciphered text is encoded to text (perhaps using something like base64); then store that in the cookie. Then when the cookie is returned the server can decode, then decrypt it, and check its validity. I doubt if you don't understand how basic sessions are tracked with existing support in the libraries though that you're quite ready to tackle that sort of solution.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1187958]
help
Chatterbox?
[marto]: I'm all for that
[choroba]: Trainspotting without OV is just a half of the movie!
LanX just single handedly stopped Brexit!

How do I use this? | Other CB clients
Other Users?
Others studying the Monastery: (7)
As of 2018-02-19 10:51 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    When it is dark outside I am happiest to see ...














    Results (262 votes). Check out past polls.

    Notices?