Password (and other user details) not inserted in database
Issue #11
resolved
Currently phpDBauth does not insert/udpate the password to the database, as the former's primary prupose was to work with an alternative authentication mechanism.
However some consumer libraries may require the password to be updated in the database.
This also aligns with the long term goal of phpDBauth becoming an independent DB auth library
Comments (6)
-
reporter
-
reporter
- edited description
This can be expanded to include other user details, which may have been fetched from the “other” authentication mechanism.
A more elegant solution would be to add capability to insert any number of users' details (email, full name, etc.), to allow synchronisation of the “other” primary authentication mechanism and the local user database.
This is related to the issue #7 on phpLDAPauth
-
reporter
- changed title to Password (and other user details) not inserted in database
-
reporter
This will be fixed with PR #11
-
reporter
- changed status to resolved
Fixed with PR #11
-
reporter
- Log in to comment
Initially the calling function will be required to modify the password string before passing on to phpDBauth, this will ensure that the password stored suits the application using the library.
E.g., some applications do not allow a null password in the GUI/frontend, some store hashed passwords, etc.
A future version of phpDBauth may be required to pre-process the password before storing in DB, and/or carry out validity checks on the provided password (depending on whether it is a 'store' or a 'retrieve' operation)