Login/Logout

titanic_fanataic has asked for the wisdom of the Perl Monks concerning the following question:

Hi... I'm just trying to create a login/logout system for one of my scripts, and I have the login part done fine, but I'm having difficulties figuring out how to use cookies to make a logout button for my page that actually works (ie: you can't press back after pressing logout, you have to login again)???

If anyone could describe to me with snippets of code how I would implement something like this into my own program, that would be greatly appreciated.

Thanks for the help,
Tylor

Comment on Login/Logout

Replies are listed 'Best First'.
Re: Login/Logout by nite_man (Deacon) on Jan 13, 2005 at 12:39 UTC
If I understood clearly you need to restrict access to some web pages. So, first you can use Apache features for that: Authentication, Authorization and Access Control. Second way is using sessions. Have a look Apache::Session or CGI::Session. Also, there are good CGI::Session Tutorial and CGI::Session CookBook. --- Michael Stepanov aka nite_man It's only my opinion and it doesn't have pretensions of absoluteness!	[reply]
Re^2: Login/Logout by Anonymous Monk on Mar 30, 2016 at 14:18 UTC
Logging out seem difficult. I could stay logged in for eternity?	[reply]
Re^3: Login/Logout by Corion (Patriarch) on Mar 30, 2016 at 14:26 UTC
The common approach is to have a timeout/end date and/or a date of last contact stored in your session. If the timeout or date of last contact is too long ago, the session is considered invalid and you need to enter your password again.	[reply]
Re^3: Login/Logout by beewarb (Initiate) on Mar 30, 2016 at 17:45 UTC
Many thanks, Connon, I will comply. Actually I'm 'beewarb' not registered, {but I thought I was!} beewarb	[reply]
Re^2: Login/Logout by titanic_fanataic (Acolyte) on Jan 13, 2005 at 21:27 UTC
I would love to use these methods, but unfortunately, I don't have access to any of these mods on my server. I would have to use either cookies or hidden form feilds. In this case I believe that it would be wise to use cookies... Could someone point me in the right direction for a turorial on this... Thanks, Tylor	[reply]
Re: Login/Logout by r34d0nl1 (Pilgrim) on Jan 13, 2005 at 11:33 UTC
If you are using cookies it is a good practice to check every page if the cookie content is Ok. In the logout page you can clean the cookie or send, for example, the LOGGED=False value to the cookie. Next Time the page is loaded (even with the back button) the content of the cookie will be checked and will be invalid. This node explains about cookies and how to 'delete' them. Hope it can help you.	[reply]
Re: Login/Logout by rdfield (Priest) on Jan 13, 2005 at 09:55 UTC
Create your pages with "no-cache" set and with the expires time sometime in the past. Every time the browser is asked to display the page it has to go back to the server. In theory. You've got no control over the caching between your server and the client (there may be proxy caches in the way) - you can only request that they don't cache the page. rdfield	[reply]


Come for the quick hacks, stay for the epiphanies.
	PerlMonks