SQL-based authentication: Difference between revisions

SQL-based authentication (view source)

Revision as of 20:23, 10 May 2009

55 bytes added , 15 years ago

→‎{{header|Tcl}}: Got rid of the external md5 requirement by "borrowing" SQL statements from the Perl version

Anonymous user

rosettacode>Dkf

Revision as of 20:12, 10 May 2009 (view source) rosettacode>Dkf (→‎Tcl: Added implementation) ← Older edit		Revision as of 20:23, 10 May 2009 (view source) rosettacode>Dkf (→‎{{header\|Tcl}}: Got rid of the external md5 requirement by "borrowing" SQL statements from the Perl version) Newer edit →
Line 91: =={{header\|Tcl}}== {{works with\|Tcl\|8.6}} Also requires the TDBC driver for MySQL~~, and the md5 package from tcllib~~. <lang Tcl>package require tdbc package require Line 102: } # A simple helper to keep code shorter proc r64k {} { expr int(65536*rand()) } ~~proc encode {salt pass} {~~ ~~md5::md5 $salt$pass~~ } Line 112 ⟶ 110: set salt [binary format ssssssss \ [r64k] [r64k] [r64k] [r64k] [r64k] [r64k] [r64k] [r64k]] ~~set~~# ~~md5~~Note ~~[encode~~that $we are using named parameters below, :user :salt $:pass] # They are bound automatically to local variables with the same name $handle allrows { INSERT IGNORE INTO users (username, pass_salt, pass_md5) VALUES (:user, :salt, :unhex(md5(concat(:salt, :pass)))) } return ;# Ignore the result of the allrows method Line 122 ⟶ 121: proc authenticate_user {handle user pass} { $handle foreach row { SELECT userid~~, pass_salt, pass_md5~~ FROM users WHERE username=:user ~~LIMIT~~AND 1pass_md5=unhex(md5(concat(pass_salt, :pass))) } { return [dict ~~with~~get $row {userid] ~~if {$pass_md5 eq [encode $pass_salt $pass]} {~~ ~~return $userid~~ } } } # Only get here if no rows selected error "authentication failed for user \"$user\"" }</lang>