Skip to content

USERS Module

Jurek Muszyński edited this page May 10, 2019 · 76 revisions

Database

SQL script

In order to use USERS module, you need to have a MySQL database and a couple of tables in it.

How to create a database in MySQL

Let's suppose we want to create a database for Toy Facebook.

  1. You need to have the path to MySQL bin directory added to your environment. In the command line you need to be able to invoke mysql command.
  2. Log in to mysql command line tool:
mysql -u root --password=mysqlrootpassword
  1. Create user:
create user 'tfb'@'localhost' identified by 'tfb';
grant all privileges on * . * to 'tfb'@'localhost';
quit
  1. Go to mysql again, as tfb user:
mysql -u tfb --password=tfb
  1. Create database:
create database tfb;
quit
  1. Create tables. Use this SQL script.
mysql -u tfb --password=tfb tfb < users.sql

silgy_app.h

Both DBMYSQL and USERS switches must be defined:

#define DBMYSQL
#define USERS

Compilation script

Add MySQL library path and name, so your m script would look like this:

#!/bin/sh

echo Making silgy_app...

g++ silgy_app.cpp \
../lib/silgy_eng.c ../lib/silgy_lib.c ../lib/silgy_usr.c \
-s -O3 \
-I/usr/include/mysql55 \
-L/usr/lib64/mysql -lmysqlclient \
-o ../bin/silgy_app

At least this script works on AWS AMI distro, you may need to verify your paths if using something else.

Sample code

You can download Toy Facebook project as a template for a typical web application with users.

Logged in user sessions in Silgy

You may want to learn about sessions in Silgy first.

Successful silgy_usr_login() call does the following:

  • Sets the uses array record values (accessible via US macro),
  • Adds record to users_logins table,
  • Adds ls cookie to the response,
  • Updates users.visits and users.last_login.

Keep Me Logged In

Adding keep=on to the login request will set ls cookie expiration to date to +30 days. Therefore – until you call silgy_usr_logout() – every subsequent request with valid ls cookie and the same User Agent as in the initial request, will automatically mark session as "logged in". Note that silgy_usr_logout() removes all records that belong to the user so it will log them out from every device.

Otherwise

Without keep=on cookie does not have expiration time, so by default it will expire by the end of the current browser session.

Caching

Logged in sessions are cached for 30 minutes after last activity. Within this range there is no need to query users_logins table.

Unsuccessful logins

Unsuccessful login count and time is stored in users.ula_cnt and users.ula_time. Then there are 4 tresholds affecting the next attempts:

Macro Description Default
MAX_ULA_BEFORE_FIRST_SLOW Maximum unsuccessful login attempts before first slowing down (1 attempt per minute will be allowed) 5
MAX_ULA_BEFORE_SECOND_SLOW Maximum unsuccessful login attempts before second slowing down (1 attempt per hour will be allowed) 10
MAX_ULA_BEFORE_THIRD_SLOW Maximum unsuccessful login attempts before third slowing down (1 attempt per day will be allowed) 20
MAX_ULA_BEFORE_LOCK Maximum unsuccessful login attempts before locking user out 100

Clone this wiki locally