From grimoire at sparky.ox.compsoc.net Wed Apr 14 08:23:01 2004 From: grimoire at sparky.ox.compsoc.net (Dave Page) Date: Thu Aug 5 00:08:41 2004 Subject: OxPM: Login modules? Message-ID: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> I'm writing a web script which needs to do the following: take a username and password, authenticate against a backend (in this case, a Postgres database), and if it's correct set a cookie, then check that cookie for each subsequent page load. I'm sure that people have written good easy modules to do this, but I don't know of any. Does anybody here have a suggestion? Dave -- "Today I realised I hate everyone in the entire world. I used to think I might like some people I hadn't met. But now I think they're weasels too." "How about a wide-eyed and innocent child who loves you unconditionally?" "Tiny weasels." - Dilbert, 03/09/2002 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://mail.pm.org/archives/oxford-pm/attachments/20040414/a09fcbd5/attachment.bin From simon at simon-cozens.org Wed Apr 14 08:35:32 2004 From: simon at simon-cozens.org (Simon Cozens) Date: Thu Aug 5 00:08:41 2004 Subject: OxPM: Login modules? In-Reply-To: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> References: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> Message-ID: <20040414133532.GB15090@alibi.simon-cozens.org> Dave Page: > I'm sure that people have written good easy modules to do this, but I > don't know of any. Does anybody here have a suggestion? I don't know of any either. I generally use some variation of the code in http://search.cpan.org/src/SIMON/Maypole-Authentication-UserSessionCookie-1.1/UserSessionCookie.pm (The only Maypole-specific bits in there are the $r->config stuff. So maybe it could be extracted into a more general module.) -- Momomoto, Famous Japanese, can swallow his nose. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available Url : http://mail.pm.org/archives/oxford-pm/attachments/20040414/7b759239/attachment.bin From dom at earth.li Wed Apr 14 08:42:39 2004 From: dom at earth.li (Dominic Hargreaves) Date: Thu Aug 5 00:08:41 2004 Subject: OxPM: Login modules? In-Reply-To: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> References: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> Message-ID: <20040414134239.GH17381@tirian.magd.ox.ac.uk> On Wed, Apr 14, 2004 at 02:23:01PM +0100, Dave Page wrote: > I'm writing a web script which needs to do the following: take a > username and password, authenticate against a backend (in this case, a > Postgres database), and if it's correct set a cookie, then check that > cookie for each subsequent page load. > > I'm sure that people have written good easy modules to do this, but I > don't know of any. Does anybody here have a suggestion? You'd have thought so, wouldn't you. I mean, php has this sort of session management built in, doesn't it? The last time I looked though I couldn't find anything for Perl, so do let me know if you find something useful. Cheers, Dom. From dan at devilock.mine.nu Wed Apr 14 09:46:17 2004 From: dan at devilock.mine.nu (Dan) Date: Thu Aug 5 00:08:41 2004 Subject: OxPM: Login modules? References: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> <20040414134239.GH17381@tirian.magd.ox.ac.uk> Message-ID: <005201c4222f$3e552030$c801a8c0@gds> > You'd have thought so, wouldn't you. I mean, php has this sort of > session management built in, doesn't it? Yes it does, but then PHP has a lot of stuff set up server-wide to describe how sessions are stored.. (not to mention db configs and the like) >Does anybody here have a suggestion? Yep. You can do similar session persistence with Apache::Session (http://search.cpan.org/~jbaker/Apache-Session-1.6/Session.pm) Which according to the perldoc will work with CGI (Tho I thought it was a mod_perl thing until I looked) Although full session persistence might be a bit over the top for your needs. I tend to use something a bit simpler that just stores a GUID for each logged in user and checks it against the cookie each time. Here's the code I've used in the past: http://devilock.mine.nu/login.txt (It's been hastily pulled out of a working script and commented, so it may or may not need a tweak to get it working. Works for me, but YMMV) Laters, and good luck, Dan ----- Original Message ----- From: "Dominic Hargreaves" To: Sent: Wednesday, April 14, 2004 2:42 PM Subject: Re: OxPM: Login modules? > On Wed, Apr 14, 2004 at 02:23:01PM +0100, Dave Page wrote: > > I'm writing a web script which needs to do the following: take a > > username and password, authenticate against a backend (in this case, a > > Postgres database), and if it's correct set a cookie, then check that > > cookie for each subsequent page load. > > > > I'm sure that people have written good easy modules to do this, but I > > don't know of any. Does anybody here have a suggestion? > > You'd have thought so, wouldn't you. I mean, php has this sort of > session management built in, doesn't it? The last time I looked though I > couldn't find anything for Perl, so do let me know if you find something > useful. > > Cheers, > > Dom. > From ian at indecorous.com Thu Apr 15 20:01:20 2004 From: ian at indecorous.com (Ian Malpass) Date: Thu Aug 5 00:08:41 2004 Subject: OxPM: Login modules? In-Reply-To: <005201c4222f$3e552030$c801a8c0@gds> References: <20040414132300.GM18871@slimfast.technomancer.homelinux.org> <20040414134239.GH17381@tirian.magd.ox.ac.uk> <005201c4222f$3e552030$c801a8c0@gds> Message-ID: On Wed, 14 Apr 2004, Dan wrote: > Yep. You can do similar session persistence with Apache::Session > (http://search.cpan.org/~jbaker/Apache-Session-1.6/Session.pm) Which > according to the perldoc will work with CGI (Tho I thought it was a mod_perl > thing until I looked) CGI::Session? Ian - -- ------------------------------------------------------------------------ The soul would have no rainbows if the eyes held no tears. Ian Malpass ian@indecorous.com