Validate password
Validate password ( userID ; password {; digest} ) -> Function result
| Parameter | Type | Description | |
|---|---|---|---|
| userID | Integer, Text | → | Unique user ID or User name |
| password | Text | → | Unencrypted password |
| digest | Boolean | → | Digest password = True, Plain-text password (default) = False |
| Function result | Boolean | ← | True = valid password False = invalid password |
This command is not thread-safe, it cannot be used in preemptive code.
Description�
Validate password returns True if the string passed in password is the password for the user account whose ID number or name is passed in userID.
The optional digest parameter indicates whether the password parameter contains a plain-text password or a hashed password (digest mode):
- When you pass True, this indicates that password contains a hashed password (digest mode),
- When you pass False or omit this parameter, this indicates that password contains a plain-text password.
This parameter is particularly helpful when using authentication database methods, in particular the On REST Authentication database method.
The command execution is now delayed to prevent flooding (brute force attack), in other words, attempts of multiple user name/password combinations. As a result, after the 4th call to this command, it is run only after a period of 10 seconds. This delay is throughout the entire work station.
Example 1
This example checks whether the password of the user “Hardy” is “Laurel”:
GET USER LIST(atUserName;alUserID)
$vlElem:=Find in array(atUserName;"Hardy")
If($vlElem>0)
If(Validate password(alUserID{$vlElem};"Laurel"))
ALERT("Yep!")
Else
ALERT("Too bad!")
End if
Else
ALERT("Unknown user name")
End if
Example 2
In the On REST Authentication database method, you want to test a connection request (using the 4D users of the database). You can just write:
$0:=Validate password($1;$2;$3)