• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: WOA, Building a Login form
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WOA, Building a Login form

  • Subject: Re: WOA, Building a Login form
  • From: Drew Thoeni <email@hidden>
  • Date: Sun, 3 Apr 2005 17:58:59 -0400
I have an object in the session called currentUser. I set this to the user fetched from the database (see snipit below). On logout, I nullify that object. Again, there may be a better way. And, I have an outstanding question to myself whether this is just making a reference, or really copying the data.

session.currentUser = tempUser;

Drew


On Apr 3, 2005, at 5:19 PM, Amedeo Mantica wrote:

Thanks for the fast reply
sorry if I ask again... but I'm now learning WO...
After an User login is verified, how to namege it in the session?

Thanks
Amedeo

On 03/apr/05, at 18:14, Drew Thoeni wrote:

First, I'm not, by any stretch, an expert WO/Java programmer. Given that, here's some code I use that others on the list might have improvement suggestions on.

/**
* Checks for null email address and password. If not null then
* This user is retrieved from the database and their encrypted password
* of record is compared to what they entered. All methods calculating the password
* or comparing the password add the user's email address before the password
* as a salt to ensure no two password digests are the same.
* Requires import java.security.*
* @throws NoSuchAlgorithmException
*/
public WOComponent login() throws NoSuchAlgorithmException {
if (enteredPassword == null) { // User did not enter password
errorMsg = "Error: Password can not be empty.";
return context().page();
}
User tempUser = fetchUser();
if (tempUser == null) {return context().page();}
String encryptedPassword = Converter.encryptPassword(enteredEmail.trim()+enteredPassword);
if (encryptedPassword.equals(tempUser.password())) { // passwords match, user is authenticated
tempUser.setLastLogIn(new NSTimestamp());
tempUser.setTimesLoggedIn( new Integer(tempUser.timesLoggedIn().intValue() + 1) );
ec.saveChanges();
}
else {
errorMsg = "Error: Password or email invalid.";
return context().page();
}
}

/**
* Fecths a single user from the database whose email address
* macthes the one input by the user attempting to login
*/
private User fetchUser() {
if (enteredEmail == null) {
errorMsg = "Error: Email address appears invalid.";
return null;
}
// fetch user from database
NSDictionary bindings = new NSDictionary(enteredEmail.trim(), "primaryEmailIn");
User u = null;
try {
u = (User)EOUtilities.objectWithFetchSpecificationAndBindings( ec, "User", "FetchSingleUser", bindings);
}
catch (Exception e) {
NSLog.debug.appendln("Unknown user with email " + enteredEmail + " generated this login exception: " + e);
errorMsg = User.staticExceptionHandler(e);
ec.revert();
return null;
}
return u;
}

/**
* This static method (from Converter class) takes a string and encrypts it using one-way encryption.
* @param String passwordIn is any string, but typically will be
* a clear text password to be encrpyted.
*/
public static String encryptPassword(String passwordIn) throws NoSuchAlgorithmException {
String encryptedPassword;
MessageDigest md = MessageDigest.getInstance("SHA"); // Can be "MD5" or "SHA" (MD5 is weaker)
md.reset();
md.update(passwordIn.getBytes());
byte[]arr = md.digest();
encryptedPassword = (new BASE64Encoder()).encode(arr);
return encryptedPassword;
}

On Apr 3, 2005, at 11:46 AM, Amedeo Mantica wrote:

I' looking for a code example
Thanks
Amedeo

On 03/apr/05, at 17:38, Drew Thoeni wrote:

Amedeo,

There are many apps on the web that show user authentication (the Apple Store being an example). Are you looking for code or is there a specific part of authentication you have a question about?

Drew

On Apr 3, 2005, at 11:30 AM, Amedeo Mantica wrote:

Hi,
I'm new to webojects applications, and I see that webobjects is really nice and I want to switch from PHP!
Just a question, does anyone have a web example with user authentication ?
Thanks
Best Regards

Amedeo Mantica
Insigno Design Studio

_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
email@hidden

This email sent to email@hidden


Amedeo Mantica
Insigno Design Studio



Amedeo Mantica
Insigno Design Studio



_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-dev mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden




  • Follow-Ups:

      

    • Re: WOA, Building a Login form

      • From: Ondra Cada <email@hidden>
      • 

    • Re: WOA, Building a Login form

      • From: Sacha Mallais <email@hidden>
      • 





References: 


 >WOA, Building a Login form (From: Amedeo Mantica <email@hidden>)


 >Re: WOA, Building a Login form (From: Drew Thoeni <email@hidden>)


 >Re: WOA, Building a Login form (From: Amedeo Mantica <email@hidden>)






    

  • Prev by Date:
Re: WOA, Building a Login form

    • 

  • Next by Date:
Re: WOA, Building a Login form

    • 

  • Previous by thread:
Re: WOA, Building a Login form

    • 

  • Next by thread:
Re: WOA, Building a Login form

    • 

  • Index(es):

      

    • Date
      • 

    • Thread
      • 

    

    •