hash is reversible or not? On Wed, Feb 27, 2013 at 8:18 PM, Clark Gaebel <cgae...@uwaterloo.ca> wrote:
> You could just hash it. > > - Clark > > > On Wed, Feb 27, 2013 at 2:08 PM, Corentin Dupont < > corentin.dup...@gmail.com> wrote: > >> So I need to "encrypt" the user ID in some way? What I need is to >> associate the user ID to a random number and store the association is a >> table? >> >> >> >> On Wed, Feb 27, 2013 at 3:52 PM, Erik Hesselink <hessel...@gmail.com>wrote: >> >>> Note that cookies are not the solution here. Cookies are just as user >>> controlled as the url, just less visible. What you need is a session >>> id: a mapping from a non-consecutive, non-guessable, secret token to >>> the user id (which is sequential and thus guessable, and often exposed >>> in urls etc.). It doesn't matter if you then store it in the url or a >>> cookie. Cookies are just more convenient. >>> >>> Erik >>> >>> On Wed, Feb 27, 2013 at 3:30 PM, Corentin Dupont >>> <corentin.dup...@gmail.com> wrote: >>> > Yes, having a cookie to keep track of the session if something I plan >>> to do. >>> > >>> > On Wed, Feb 27, 2013 at 3:16 PM, Mats Rauhala <mats.rauh...@gmail.com> >>> > wrote: >>> >> >>> >> The user id is not necessarily the problem, but rather that you can >>> >> impose as another user. For this, one solution is to keep track of a >>> >> unique (changing) user token in the cookies and use that for verifying >>> >> the user. >>> >> >>> >> -- >>> >> Mats Rauhala >>> >> MasseR >>> >> >>> >> -----BEGIN PGP SIGNATURE----- >>> >> Version: GnuPG v1.4.10 (GNU/Linux) >>> >> >>> >> iEYEARECAAYFAlEuFVQACgkQHRg/fChhmVMu3ACeLLjbluDQRYekIA2XY37Xbrql >>> >> tH0An1eQHrLLxCjHHBQcZKmy1iYxCxTt >>> >> =tf0d >>> >> -----END PGP SIGNATURE----- >>> >> >>> >> >>> >> _______________________________________________ >>> >> Haskell-Cafe mailing list >>> >> Haskell-Cafe@haskell.org >>> >> http://www.haskell.org/mailman/listinfo/haskell-cafe >>> >> >>> > >>> > >>> > _______________________________________________ >>> > Haskell-Cafe mailing list >>> > Haskell-Cafe@haskell.org >>> > http://www.haskell.org/mailman/listinfo/haskell-cafe >>> > >>> >> >> >> _______________________________________________ >> Haskell-Cafe mailing list >> Haskell-Cafe@haskell.org >> http://www.haskell.org/mailman/listinfo/haskell-cafe >> >> >
_______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe