Beefy Boxes and Bandwidth Generously Provided by pair Networks
Keep It Simple, Stupid
 
PerlMonks  

Re: Re: Re: Is this use of crypt() appropriate?

by Nomis52 (Friar)
on Nov 09, 2001 at 05:36 UTC ( [id://124263]=note: print w/replies, xml ) Need Help??


in reply to Re: Re: Is this use of crypt() appropriate?
in thread Is this use of crypt() appropriate?

Ok this is how I did it. Note I'm very new to perl programming so this probably isn't the best way.
Assuming you have authenticated the user (from a database or text file or where-ever), and $user is the user's id
use MD5 ; my $md5 = new MD5 ; $md5->reset ; my $yday = (localtime)[7]; # create certificate / session id my $certif = $user . $yday . "do4k.g0" . $ENV{'HTTP_USER_AGENT'} . +$ENV{'REMOTE_ADDR'} ; # encrypt certificate $md5->add($certif); my $enc_cert = $md5->hexdigest() ; # set cookie print "Set-Cookie: SESSION=$enc_cert; path=/\n" ; print "Set-Cookie: NAME=$user; path=/\n" ; # and continue print "Content-type: text/html\n\n" ; print "Your logged In!" ;
Then everytime the script is called get the certificate out the cookie and recreate a certificate and compare the two.
# $session and $user came from cookie use MD5 ; my $md5 = new MD5 ; $md5->reset ; #create ceritficate my $yday = (localtime)[7]; my $certif = $username . $yday . do4k.g0 . $ENV{'HTTP_USER_AGENT'} . + $ENV{'REMOTE_ADDR'} ; # encrypt Certificate $md5->add($certif); my $enc_cert = $md5->hexdigest() ; #compare if($enc_cert eq $session) { # we're logged in - run script ; } else { # we're not logged in - disp error msg }
And a logout can simply be done with a
print<<"END" ; Set-Cookie: SESSION=; path=\ Set-Cookie: NAME=; path=\ Content-type: text/html Your logged out now END
It would probably be wise to set expiration times for the cookies. Using the $yday means each certificate will expire at midnight which could be a problem.

Anyway I hope this helps
Nomis52

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: note [id://124263]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others learning in the Monastery: (3)
As of 2024-03-29 02:02 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found