Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- General login process, pretending that encryption isn't a thing
- You have a client, a login server, and a database
- Client sends username and hashed password to the login server
- {
- {
- "username" : "huyngo1216"
- "password" : "A63B8$ha8dh"
- }
- }
- login server makes a request to the database to check for the username, and if that exists check if the password hashes match
- SELECT * FROM accounts WHERE accounts.user = "huyngo1216" AND WHERE accounts.password = "A63B8$ha8dh";
- the database will either return a record, or it won't. if it returns a record, the server sends back an "okay" and (for simplicity's sake) lets the user into the protected section of the app. Or it sends back a "not okay" and the user is redirected back to the login screen.
- {
- {
- "success" : false
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement