Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl Monk, Perl Meditation
 
PerlMonks  

Re: Never Write Another Login Script Again!

by eweaverp (Scribe)
on Jul 09, 2003 at 00:37 UTC ( #272524=note: print w/replies, xml ) Need Help??


in reply to Never Write Another Login Script Again!

I say, if it works, upload it, with your email address, and if people want to use it, they will use it. If there are bugs, they may complain to you, or they may fix it, and _then_ complain to you.

It certainly seems useful; although not for me. You may want to think carefully about extensibility options. Is it easy to add new fields (even required fields?) Is there an clean API exposed that makes it easy to fool with the underlying procedures if it is necessary? Or is everything locked up pretty tightly?

How secure will it be? Plain-text storage? Encryption of some mysterious kind? SSL connections for log-in?

Can it also control access to plain .html files, and not just CGI content? Will it integrate with .htaccess?

No matter what, nobody's going to get hurt. So upload at will.

~evan

  • Comment on Re: Never Write Another Login Script Again!

Replies are listed 'Best First'.
Re: Re: Never Write Another Login Script Again!
by jbeninger (Monk) on Jul 09, 2003 at 03:11 UTC
    Thanks everyone for your comments. It's definitely given me some things to think about, as well as a tentative feeling that I'm on the right track :)

    The scope of this project is web apps with a relatively simple login process - PM for instance. It is not meant to be standalone user management system. It's still up to the developer to add the user preferences, admin areas, etc. if they're required. One motivation was that a login system could be implemented quickly, and then refined later.

    When creating a new LoginRequired instance, a number of parameters can be used to customize the login process. These are things like "user_id_field", "password_field" that define database column names and a "confirmation_fields" array defining which fields are used to confirm an identity before emailing a user a password. Just about anything I could make customizable I did.

    I've also worked at making it relatively simple to use different technologies for session and user management. Overloading the "getSession" and "commitSession" functions is all that's required to change the way sessions are stored. There's a similar set of functions in the works for storing user information.

    Given the comments here, I think I'll take a couple of days to refine and document the beast and put it up on CPAN. I was going to go further in describing it, but it's easier when there's some code I can point to.

    Thanks again for the comments.
    James

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://272524]
help
Chatterbox?
[ovedpo15]: But I don't know the length of the string. will it still work?
[ovedpo15]: The only thing I know is that there is a comma at the end and a value after that
[hippo]: Try it and see. Your computer won't explode.
[Corion]: length will tell you the length of a string.
[Corion]: But if you are parsing CSV, again, let me point to Text::CSV_XS, which you should use instead
[hippo]: +1 for Text::CSV_XS
[ovedpo15]: Im not allowed to use additional modules, so I can't use it. looking for a simple regex to do this task though..
[Corion]: Ah, so this is homework? Then most likely, you should review your course material closer. It would greatly surprise me if the course material wouldn't mention the topics that will be used in the homework...
[Corion]: I already showed you the simple regex to match the last part of a string without a comma in it

How do I use this? | Other CB clients
Other Users?
Others chanting in the Monastery: (6)
As of 2018-05-27 10:41 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Notices?