forked from sqlpage/SQLPage
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathlogin.sql
More file actions
19 lines (17 loc) · 832 Bytes
/
login.sql
File metadata and controls
19 lines (17 loc) · 832 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
-- The authentication component will stop the execution of the page and redirect the user to the login page if
-- the password is incorrect or if the user does not exist.
SELECT 'authentication' AS component,
'signin.sql?error' AS link,
(SELECT password_hash FROM user_info WHERE username = :username) AS password_hash,
:password AS password;
-- Generate a random 32 characters session ID, insert it into the database,
-- and save it in a cookie on the user's browser.
INSERT INTO login_session (id, username)
VALUES (sqlpage.random_string(32), :username)
RETURNING
'cookie' AS component,
'session' AS name,
id AS value,
FALSE AS secure; -- You can remove this if the site is served over HTTPS.
-- Redirect the user to the protected page.
SELECT 'redirect' AS component, 'protected_page.sql' AS link;