Basic Authentication and Authorization example

[mnesarco]

Hi Friends, Here I am sharing an example of how to manage authentication and authorization: https://github.com/mnesarco/sqlpage_auth_example

I use Postgresql and stored procedures to avoid code duplication as much as possible as include directive is not yet available in SQLPage.

Ref: https://github.com/lovasoa/SQLpage/issues/20

As I am new to SQLPage, it would be great to have some feedback. Maybe I am not following best practices or I am just reinventing the wheel.

[DSMejantel]

Hello, You can see my example on my github repository.

With the help from lovasoa, i build my page so with authentification and restriction acces :

`SELECT 'redirect' AS component, 'signin.sql?error' AS link WHERE NOT EXISTS (SELECT 1 FROM login_session WHERE id=sqlpage.cookie('session')); SET group_id = (SELECT user_info.groupe FROM login_session join user_info on user_info.username=login_session.username WHERE id = sqlpage.cookie('session'));

SELECT 'redirect' AS component, 'index.sql?restriction' AS link WHERE $group_id<'2';`

[lovasoa]

I will add links to both your examples to the readme

[mnesarco]

Hi @DSMejantel Impressive example, thank you. I have a lot of things to learn from it. My example is only about Authentication and Authorization and reducing code duplication on every page.

[DSMejantel]

Hello, I propose a new version with my last commit for the authencation with an 'activation key' at the first time. Then key is deleted when user has created his own password. If password is lost, Admin can edit a new key and the forgotten password will be deleted. So it will be easier to import vie csv file a lot of user with different key (and no more hash_password)