Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Re: ** MULTIPLE LOGIN AUTHENTICATION WITH PERL BASED ON ACCESS PERMISSION.

by dug (Chaplain)
on Jul 20, 2002 at 05:52 UTC ( [id://183558]=note: print w/replies, xml ) Need Help??


in reply to ** MULTIPLE LOGIN (remainder elided)

I think that you are thinking about this in a way that is more confusing and less natural than a basic authentication scheme needs to be. Using the method that you outline, you would need to:
  • check username against a file
  • send user to appropriate login page
  • authenticate user
  • send user to appropriate page if success
  • bail if not

You probably want to be storing username, a crypted password and permissions in the same file. This way you can:
  • authenticate user
  • send user to page based upon permissions if success
  • bail if not

This method is a much closer idiom to the tried and (fairly) true basic method of user authentication on *NIX. If you want to take it a bit further, set up a global sattelite network and implement Rabins' bounded storage model :)

The following code will hopefully give you enough pointers to up-jump your boogie and learn a bit about authentication schemes. Wrapping this into your CGI program is left as an exercise. Happy trails. 
#!/usr/bin/perl -w
use strict;
$|++;

#---------------------------------------------------------------------
+---------
# Basic Auth and entitlement function set.  Read perldoc -f crypt for 
+a tad
# more information on crypt and salt (contains a nice function for ran
+dom
# salt).  Then go on and read many more tomes to get a tad more inform
+ation :)
#---------------------------------------------------------------------
+---------

my ( $username, $passwd ) = @ARGV;
if ( my $permissions = &check_passwd( $username, $passwd ) ) {
  print "$username is $permissions\n";
} else {
 print "authentication failed\n";
}

##
# check_passwd( $username, $password );
#
# returns group or permissions or whatever you have in the third colum
+n of your
# passwd file if username and password match
#
sub check_passwd ($$) {
  my ($input_username, $input_passwd) = @_;
  while (<DATA>) {
    my ($username, $crypted_passwd, $permissions)  = split ':';
    next unless $input_username eq $username;
    my $crypted_input_passwd = crypt($input_passwd, $crypted_passwd);
    if ( $crypted_input_passwd eq $crypted_passwd ) {
      chomp( $permissions );
      return $permissions;
    }
  }
  return;
}


##
# DATA file description and data (with unencrypted passwords, for test
+ing)
#
# username:passwd:permissions
# nob:bob:god
# rim:tim:angel
# hal:kal:devil
##

__DATA__
nob:a1ni5aPmumc2E:god
rim:jZR4taPdoUdwA:angel
hal:0ZYFuJV/xWRvc:devil

[download]
  • Comment on Re: ** MULTIPLE LOGIN AUTHENTICATION WITH PERL BASED ON ACCESS PERMISSION.
  • Download Code

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://183558]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this?Last hourOther CB clients
Other Users?
Others goofing around in the Monastery: (1)
As of 2024-04-25 03:40 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    No recent polls found