Re: field with Password
| От | Raymond C. Rodgers |
|---|---|
| Тема | Re: field with Password |
| Дата | |
| Msg-id | 4989A790.7090401@gmail.com обсуждение исходный текст |
| Ответ на | Re: field with Password (Iñigo Barandiaran <ibarandiaran@vicomtech.org>) |
| Ответы |
Re: field with Password
Re: ramblings about password exposure (WAS: field with Password) Re: field with Password |
| Список | pgsql-general |
Iñigo Barandiaran wrote:
And compare the supplied password with something like:
You don't need to depend on an external library for this functionality; it's built right into Postgres. Personally, in my own apps I write in PHP, I use a combination of sha1 and md5 to hash user passwords, without depending on Postgres to do the hashing, but the effect is basically the same.
Raymond
Thanks!Well, you can use the built-in md5 function for this purpose. For instance, you could insert a password into the table with a statement like:
Ok. I've found http://256.com/sources/md5/ library. So the idea is to define in the dataBase a Field of PlainText type. When I want to insert a new user, I define a password, convert to MD5 hash with the library and store it in the DataBase. Afterwards, any user check should get the content of the DataBase of do the inverse process with the library. Is it correct?
Thanks so much!!!!!!
Best,
insert into auth_data (user_id, password) values (1, md5('test'));
And compare the supplied password with something like:
select true from auth_data where user_id = 1 and password = md5('test');
You don't need to depend on an external library for this functionality; it's built right into Postgres. Personally, in my own apps I write in PHP, I use a combination of sha1 and md5 to hash user passwords, without depending on Postgres to do the hashing, but the effect is basically the same.
Raymond
В списке pgsql-general по дате отправления: