Beefy Boxes and Bandwidth Generously Provided by pair Networks
No such thing as a small change
 
PerlMonks  

Re: User authentication

by traveler (Parson)
on Jul 24, 2001 at 21:34 UTC ( #99418=note: print w/ replies, xml ) Need Help??


in reply to User authentication

This is a somewhat different scenario than merlin's technique as referenced by mikeB above. I have slightly different needs than his column solves.

What I have done is to send a cookie on initial login that is an MD5 encoding of some information. This gives a random-looking number. I enter that cookie with any related information such as username and browser type into a database. You could use mySQL or whatever. I had to use a commercial Win2K database because it already was part of the project.

When I retrieve the cookie I can then look up the cookie value in the database to see if the user is allowed to access the site or some portion thereof (I can also retrieve any other user information from the db such as browser type). My db allows multiple cookies per user so a user can log in from different locations and have a "profile" associated with each. In addition I store an expiry time in the db because user accounts on the system expire after a while. I set the cookie expiry time to just exceed the account expiry time in the database. That way the cookie is not saved longer than the account is good.
--traveler


Comment on Re: User authentication
Re: Re: User authentication
by mikeB (Friar) on Jul 24, 2001 at 22:42 UTC
    Interesting. That's very similar to what I did for a recent small web site. The only real difference is that instead of using a cookie, the hash is kept in a hidden input field on each screen. This works as long as the screen-to-screen transitions are form based (rather than links), and has the advantage that it doesn't rely on user/browser acceptance of cookies.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://99418]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2014-12-20 01:55 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (95 votes), past polls