I think that you are thinking about this in a way that is more confusing and less natural than a basic authentication scheme needs to be.
Using the method that you outline, you would need to:
- check username against a file
- send user to appropriate login page
- authenticate user
- send user to appropriate page if success
- bail if not
You probably want to be storing username, a crypted password and permissions in the same file. This way you can:
- authenticate user
- send user to page based upon permissions if success
- bail if not
This method is a much closer idiom to the tried and (fairly) true basic method of user authentication on *NIX. If you want to take it a bit further, set up a global satellite network and implement Rabin's bounded storage model :)
The following code will hopefully give you enough pointers to up-jump your boogie and learn a bit about authentication schemes. Wrapping this into your CGI program is left as an exercise. Happy trails.
```perl
#!/usr/bin/perl -w
use strict;
$|++;

#------------------------------------------------------------------------------
# Basic Auth and entitlement function set. Read perldoc -f crypt for a tad
# more information on crypt and salt (contains a nice function for random
# salt). Then go on and read many more tomes to get a tad more information :)
#------------------------------------------------------------------------------

my ( $username, $passwd ) = @ARGV;

# Both arguments are required; crypt() on an undefined password only warns.
die "usage: $0 username password\n"
    unless defined $username and defined $passwd;

if ( my $permissions = &check_passwd( $username, $passwd ) ) {
    print "$username is $permissions\n";
} else {
    print "authentication failed\n";
}

##
# check_passwd( $username, $password );
#
# returns group or permissions or whatever you have in the third column of your
# passwd file if username and password match
#
sub check_passwd ($$) {
    my ($input_username, $input_passwd) = @_;

    while (<DATA>) {
        my ($username, $crypted_passwd, $permissions) = split ':';
        next unless $input_username eq $username;

        # The stored hash doubles as the salt: crypt() reads the salt from it.
        my $crypted_input_passwd = crypt($input_passwd, $crypted_passwd);

        # crypt() can return undef if the platform rejects the stored salt.
        if ( defined $crypted_input_passwd
             and $crypted_input_passwd eq $crypted_passwd ) {
            chomp( $permissions );
            return $permissions;
        }
    }
    return;
}

##
# DATA file description and data (with unencrypted passwords, for testing)
#
# username:passwd:permissions
# nob:bob:god
# rim:tim:angel
# hal:kal:devil
##
__DATA__
nob:a1ni5aPmumc2E:god
rim:jZR4taPdoUdwA:angel
hal:0ZYFuJV/xWRvc:devil
```
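
As an added example (not part of the original post), here is the single-file scheme described above taken a step further: it generates the file entries with a random salt, compares hashes without stopping at the first mismatch, and still calls crypt() for unknown usernames. The sub names `make_entry`, `same_string` and `verify_user` and the dummy hash are made up for illustration, and the code assumes the platform's crypt(3) accepts the traditional two-character salt used in the post's DATA lines.

```perl
# Added example, not the poster's code; all sub names here are hypothetical.
use strict; use warnings;
my @SALT = ( '.', '/', 0 .. 9, 'A' .. 'Z', 'a' .. 'z' );    # crypt(3) salt alphabet

# Build one "username:crypted:permissions" line with a fresh two-character salt.
# rand() is not a cryptographic RNG; the salt only has to differ per entry.
sub make_entry {
    my ( $user, $passwd, $perms ) = @_;
    die "field contains ':' or newline\n" if grep { /[:\n]/ } $user, $perms;
    my $salt = join '', map { $SALT[ rand @SALT ] } 1 .. 2;
    my $hash = crypt( $passwd, $salt );
    die "crypt() rejected the salt on this platform\n" unless defined $hash;
    return join ':', $user, $hash, $perms;
}

# Compare two strings without stopping at the first differing character.
sub same_string {
    my ( $x, $y ) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord( substr( $x, $_, 1 ) ) ^ ord( substr( $y, $_, 1 ) )
        for 0 .. length($x) - 1;
    return $diff == 0;
}

# Return the permissions field on success, nothing on any failure.
sub verify_user {
    my ( $lines, $user, $passwd ) = @_;
    my %entry;
    for my $line (@$lines) {
        my ( $u, $hash, $perms ) = split /:/, $line, 3;
        next unless defined $perms;    # skip malformed lines
        chomp $perms;
        $entry{$u} = [ $hash, $perms ];
    }
    # Unknown user: still run crypt() on a constructed dummy hash so the timing matches.
    my ( $hash, $perms ) = @{ $entry{$user} || [ 'xxDUMMYDUMMY.', undef ] };
    my $try = crypt( $passwd, $hash );
    return unless defined $perms and defined $try and same_string( $try, $hash );
    return $perms;
}

# Constructed sample data: the three users from the post's DATA section.
my @file = map { make_entry(@$_) }
    [ nob => 'bob', 'god' ], [ rim => 'tim', 'angel' ], [ hal => 'kal', 'devil' ];
for my $t ( [ nob => 'bob' ], [ nob => 'wrong' ], [ nobody => 'bob' ] ) {
    my $perms = verify_user( \@file, @$t );
    printf "%-7s %-6s => %s\n", @$t, defined $perms ? $perms : 'authentication failed';
}
```

The 13-character hashes in the DATA section are the traditional DES crypt format, which only uses the first eight characters of the password. Because the stored hash is passed back to crypt() as the salt, `verify_user` works unchanged with any stronger scheme the platform's crypt(3) supports.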