Neil Conway sez:
} On Fri, 24 May 2002 12:45:00 +0530
} "Arindam Haldar" <arindamhaldar@hotpop.com> wrote:
} > hi,
} > i want to authenticate web users from postgrsql for which i created a
} > table having,among others, username & password... is there any data
} > types where password can be stored encrypted ?.. at present am vsing
} > varchar(16) but i c one (administrator) can read the password. i didnt
} > find any data type specifying encrypted type !...
}
} Use contrib/pgcrypto, store the hashed version of the password (say,
} using SHA1). When you want to check if the correct password is used,
} hash the string the user entered and compare it to the stored version.
Where is the documentation on this? Is it like what I wound up doing (see
below)?
Since I was coming from MySQL, I wanted the PASSWORD() function it has
builtin and I wound up writing it as a C function:
CREATE FUNCTION PASSWORD (text) RETURNS text
AS '/home/gss/src/crypt.so'
LANGUAGE C WITH (isstrict);
I can attach the C source if anyone is interested.
} Cheers,
} Neil
--Greg
