Is there a way, having a user entered username and password, to select a single row
from pg_shadow which is using md5 password encryption?
I'm currently authenticating web users (.asp page) with our own user table that uses
crypt() to store passwords. I'd like to remove our 'redundant' user table and use
pg_shadow. The authentication function I'm using is included in the attachment...
Thanks.
<<auth_user.txt>>
William Harazim, Software Engineer, Fulco Inc. 973-627-2427, x129
CREATE FUNCTION auth_user(text, text) RETURNS bool AS '
DECLARE
salt text;
BEGIN
SELECT INTO salt substring(passwd, 1, 2) FROM users WHERE usename = $1;
IF NOT FOUND THEN
RETURN false;
END IF;
PERFORM * FROM users WHERE usename = $1 AND passwd = crypt($2, salt);
IF NOT FOUND THEN
RETURN false;
END IF;
RETURN true;
END;
' LANGUAGE PLPGSQL;
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
