PHP
demortall, 2021-05-16 13:10:00

Is it possible to make such an authorization?

Cookies need to be written during authorization.
For example: a person logs in and their data is found in MySQL. Based on this data, the person's id and role are read and written into cookies.


1 answer(s)
none7, 2021-05-16
@none7

It is possible if this data is encrypted with a decent crypto algorithm. Naturally, the encryption key must be generated from /dev/random and changed regularly. We also store the key id in the cookie (not the checksum), and keep all the previously used keys on the server. You can also replace encryption with a hash using a similar temporary key. If the key is very rotten, then we do not trust it. But I strongly advise you not to write roles in cookies, because if a person's privileges were taken away, the cookie entry will still remain with role=admin. Traditional sessions are much more reliable.
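
The hash variant from the answer above, sketched in PHP as an added example (not code from the answer's author): the cookie carries a key id, a payload and an HMAC, and the server rejects unknown or too-old keys. The function names, `MAX_KEY_AGE`, the in-memory `$keys` store and the `$roles` array are assumptions for illustration; keys come from PHP's `random_bytes()` (the OS CSPRNG) rather than from reading /dev/random directly, and only the user id goes into the cookie so the role is looked up server-side on every request.

```php
<?php
const MAX_KEY_AGE = 7 * 86400; // assumption: keys older than 7 days are not trusted

// Sign the payload with the key named by $kid; the cookie carries the key id.
function make_cookie(array $keys, int $kid, int $userId): string {
    $payload = base64_encode(json_encode(['uid' => $userId, 'iat' => time()]));
    $mac = hash_hmac('sha256', $kid . '.' . $payload, $keys[$kid]['secret']);
    return $kid . '.' . $payload . '.' . $mac;
}

// Returns the decoded payload, or null if the cookie must not be trusted.
function verify_cookie(array $keys, string $cookie, int $now): ?array {
    $parts = explode('.', $cookie);
    if (count($parts) !== 3) {
        return null;
    }
    [$kid, $payload, $mac] = $parts;
    $key = $keys[$kid] ?? null;
    if ($key === null || $now - $key['created'] > MAX_KEY_AGE) {
        return null; // unknown key id, or key too old
    }
    $expected = hash_hmac('sha256', $kid . '.' . $payload, $key['secret']);
    if (!hash_equals($expected, $mac)) {
        return null; // payload or MAC was altered
    }
    $data = json_decode(base64_decode($payload, true) ?: '', true);
    return is_array($data) ? $data : null;
}

// Constructed demo data: key 1 is 30 days old, key 2 is current.
$now = time();
$keys = [
    1 => ['secret' => random_bytes(32), 'created' => $now - 30 * 86400],
    2 => ['secret' => random_bytes(32), 'created' => $now],
];
$roles = [42 => 'editor']; // stands in for the role lookup in MySQL

$cookie = make_cookie($keys, 2, 42);
$session = verify_cookie($keys, $cookie, $now);
echo 'role looked up server-side: ' . $roles[$session['uid']] . "\n";

// Same MAC, payload swapped to another user id.
[$kid, , $mac] = explode('.', $cookie);
$forged = $kid . '.' . base64_encode('{"uid":1}') . '.' . $mac;
var_dump(verify_cookie($keys, $forged, $now));

// Cookie signed with the retired key 1.
var_dump(verify_cookie($keys, make_cookie($keys, 1, 42), $now));
```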
