Next: , Previous: , Up: Authentication   [Contents]

19.3 Common Authentication

Actually, there are multiple authentication methods that can be used by developers. Most of them are sort of tricky hacks. Here we only introduce the most common way.

The most common and relative safe way for authentication is to use POST method. And check username and passwd from a table in DB.

There’re several syntax sugar for authentication.

The simplest case is for String Template:

#:auth "string-template"

If you put the account information in a database table, then you may use table mode:

#:auth `(table ,table-name [,username-field] [,passwd-field] [,salt-field] [,hmac])

NOTE: The square-bracked [item] is optional.

The default values of optional items are:

GNU Artanis requires the salted password, it’s not optional.

So please prepare a field in the table for salt string. It’s your duty to generate a salt string, please see Random String Generator. When authenticate, please specify the salt field name in salt-field.

For hmac item, please see HMAC.