Home > Archive > PERL Beginners > June 2007 > authentication check from file
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
authentication check from file
|
|
|
| Hi All,
I have to store the authentication details like the user_id & password
in a file .
I do not want to include hard code in my file so basically what i am
trying is i wanted to authenticate the user who logged in by reading a
file which contains the user_id & pwd & then if valid , let him call
the subroutines defined else provide him with error message..
I am using postgres db & apache2.. , my search has landed me to
mod_auth_pgsql.
But it doesn't have much of documentation so still in puzzled state..
I have the login but not able to code it ... can anybody help me.
| |
| Tom Phoenix 2007-06-01, 9:59 pm |
| On 6/1/07, Alma <almatirkey@gmail.com> wrote:
> I have to store the authentication details like the user_id & password
> in a file .
You're saying, you're going to have a file which contains one or more
user_id and password pairs, yes?
> I am using postgres db & apache2.. , my search has landed me to
> mod_auth_pgsql.
You probably want to use the standard authentication system that
Apache includes, most likely with an .htaccess file or something
similar. Check with your webmaster or system administrator. If the
that person is you, check the apache documentation, or an apache help
forum.
But if you somehow need to do this from Perl code, it's not hard. You
can use the crypt() built-in function to scramble the password, then
check it something like this.
# These come from the user, somehow
my $username = 'claimed username';
my $attempt = 'password attempt from user';
# Get this one from the file
my $scrambled = &scrambled_password_for($username);
if ($scrambled ne crypt($attempt, $scrambled)) {
&deal_with_bad_password;
exit;
}
# Clear sailing from here
There are other functions you could use instead of crypt, too. But
going with the tried-and-true apache authentication beats
rolling-your-own for security, six days a w and twice on Sundays.
Hope this helps!
--Tom Phoenix
Stonehenge Perl Training
| |
| Mumia W. 2007-06-01, 9:59 pm |
| On 06/01/2007 10:53 AM, Alma wrote:
> Hi All,
>
> I have to store the authentication details like the user_id & password
> in a file .
>
> I do not want to include hard code in my file so basically what i am
> trying is i wanted to authenticate the user who logged in by reading a
> file which contains the user_id & pwd & then if valid , let him call
> the subroutines defined else provide him with error message..
>
> I am using postgres db & apache2.. , my search has landed me to
> mod_auth_pgsql.
> [...]
No, mod_auth_pgsql does authentication from within Apache, but you seem
to need to do authentication from within your program and independently
of Apache.
I'd suggest that you create a database table that contains usernames and
passwords for your users. Then you should use standard postgres database
access (DBI) to fetch that data.
|
|
|
|
|