Re: UU code

[sergey@total-knowledge.com]

Basically it means that _only_ stored procedures can be used in model
class' operations in order to modify/access DB data, they have to be
written as generic as possible.
Also stored procedures may be used in not-login-protected pages on UI and
it means that not every DB session should start from calling
login(username, password) stored proc.
See below for more...

> In PostgreSQL, there is now session variables. Our only possibility is to
> use temporary table(s). Every database session should start from calling
> login(username,password) stored proc. After successful authentication the
> login information is stored and all the stored procs  would use it
> automatically. This way, we can allow/disallow modifications of data on
> row
> level. So, if we manage to keep the database connection after the login
> page
> - there is now need for keeping login information. Currently, we can store
> username and password this way. Let me know if we need more session
> variables.

Maybe user's first and last names too for now would be nice to have.


>
> 2007/3/7, sergey@total-knowledge.com <sergey@total-knowledge.com>:
>>
>> Alexey,
>>
>> I'm working on authentication functionality and I need your opinion on
>> the
>> best way to do it. Ilya mentioned(see quote below) that you did
>> something
>> similar with DB. Can you please share how you made it work?
>>
>>
>> > - There should not be any need to save username and password in
>> session
>> >   (talk to Belkman about authentication with DB, I remember we
>> discussed
>> >    something interesting recently, and he got that to work)
>> >
>> > --
>> > Ilya A. Volynets-Evenbakh
>> > Total Knowledge. CTO
>> > http://www.total-knowledge.com
>> >
>> >
>>
>>
>>
>
>
> --
> Alexey Parshin,
> http://www.sptk.net
>