|Think about Loose Coupling|
User authenticationby Siddartha (Curate)
|on Jul 24, 2001 at 18:52 UTC||Need Help??|
Siddartha has asked for the wisdom of the Perl Monks concerning the following question:
I have been using Perl for a while now, but still there is a lot to know.
I was thinking of using a crypt() function and check if the entered password is the same as the password in some file. That seems quite easy and straightforward. My problem is that I want to store a cookie, so people don't need to log in the whole time.
I have no idea what to store in the cookie. Just the username? And what about when it expires?
I would love a few examples, like what Perlmonks stores in the cookie. It looks like the Username and an encrypted password.
Is that secure?
I have been searching on the web, and it is scary the crap people try to disguise as password scripts, with the password hardcoded into the script etc.