CHAPTER 9. AUTHENTICATION
structure Auth :
  sig
    type person_id = int
    val loginPage    : string
    val defaultHome  : string
    val siteName     : string
    val verifyPerson : unit -> person_id option
    val isLoggedIn   : unit -> bool
    val newPassword  : int -> string
    val sendPassword : person_id -> unit
  end
The function newPassword takes as argument an integer n and generates a new
password constructed from n characters chosen randomly from the character set
{a...z, A...Z, 2...9} \ {l, o, O}.
The function sendPassword takes a person_id as argument and sends an email
with the user’s password to the user. The three strings loginPage, defaultHome,
and siteName are configuration strings that default to the login page provided by
the authentication mechanism, the default page that the user is forwarded to once
logged in, and the name of the Web site.
The function verifyPerson returns SOME(p) if the user (1) is logged in, and (2)
is identified by the person_id p; otherwise the function returns NONE. The
implementation of the function checks if cookies with the names auth_person_id
and auth_password are available, and if so, proceeds by checking that the
password in the database is identical with the password in the cookie. For
reasons having to do with caching of passwords (Section 9.6), we define a
function verifyPerson0, which the function verifyPerson calls with a function
for extracting a password for a user from the database:
fun verifyPerson0 (getPasswd: string -> string option)
    : person_id option =
  (* Both cookies must be present; otherwise the user is not logged in. *)
  (case (Web.Cookie.getCookieValue "auth_person_id",
         Web.Cookie.getCookieValue "auth_password")
     of (SOME person_id, SOME psw) =>
       (* Look up the stored password with the supplied function; an unknown
          user or a password mismatch yields NONE. *)
       (case getPasswd person_id
          of NONE => NONE
           | SOME db_psw =>
               if db_psw = psw then Int.fromString person_id
               else NONE)
      | _ => NONE)
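The following is a Python model of newPassword and verifyPerson0 as described above, added here as an example; it is not the book's SMLserver code. The cookies are passed in as a dict in place of Web.Cookie.getCookieValue, the password lookup is injected exactly as verifyPerson0 does it, and the constant-time comparison and the sample user table are assumptions of this example.

```python
import hmac
import secrets
import string
from typing import Callable, Mapping, Optional

# Alphabet from the text: {a..z, A..Z, 2..9} without the ambiguous glyphs l, o, O.
PASSWORD_ALPHABET = "".join(c for c in string.ascii_letters + "23456789"
                            if c not in "loO")


def new_password(n: int) -> str:
    """Model of Auth.newPassword: n characters drawn with a CSPRNG."""
    if n <= 0:
        raise ValueError("password length must be positive")
    return "".join(secrets.choice(PASSWORD_ALPHABET) for _ in range(n))


def verify_person0(cookies: Mapping[str, str],
                   get_passwd: Callable[[str], Optional[str]]) -> Optional[int]:
    """Model of verifyPerson0: the person id when both cookies are present,
    the user exists, and the cookie password matches the stored one; else None."""
    person_id = cookies.get("auth_person_id")
    psw = cookies.get("auth_password")
    if person_id is None or psw is None:
        return None                      # not logged in: a cookie is missing
    db_psw = get_passwd(person_id)
    if db_psw is None:
        return None                      # unknown user
    # Constant-time comparison (assumption here; the SML original uses plain =).
    if not hmac.compare_digest(db_psw.encode(), psw.encode()):
        return None                      # password mismatch
    try:
        return int(person_id)            # like Int.fromString: NONE on a non-numeric id
    except ValueError:
        return None


# Constructed sample user table (person_id as string -> stored password).
USERS = {"42": "Kx7mQ9pR", "7": "bT3vWzN8"}


def lookup_password(person_id: str) -> Optional[str]:
    return USERS.get(person_id)


def verify_person(cookies: Mapping[str, str]) -> Optional[int]:
    """Model of Auth.verifyPerson: verifyPerson0 with the database lookup."""
    return verify_person0(cookies, lookup_password)


def is_logged_in(cookies: Mapping[str, str]) -> bool:
    return verify_person(cookies) is not None
```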