Verifying User Login
-
Hello, I need an idea on how to go about this:
Imagine there's a school with students' records stored in a database. The records have different attributes/fields including userID, password, department, etc. The userID is a unique key.
Students can log into different platforms with their username and password.
Now there's a particular platform only students belonging to a particular department can access, for example, only students in Computer science department can access the class named SPECIAL PROJECT.
Now, how can I program the login verification please?
What I did, in the Special Project login form, I created only two fields: userID and password. I deliberately didn't create a field for department.I want a situation whereby when a user enters his login details, the system will verify the data he entered if it exists in the database table and then check if the corresponding department for the login details is "Computer Science".
I did not create a field in the login form, I want to know if there's a way for the system to check if the department of the user with the login details is Computer science.
I think it is possible but don't know how to do it presently. What do you think please?
The photo attached is a code written by me but that will only verify the username and password without checking for the department.
Kindly assist me with information if you have any clue.
-
Hi,
That's something you need to do at the backend level.
But why would you need your user to tell you which department(s) they belong to as part of their login data ? It's typically something that is stored as part of the user profile/data and not something that one needs to provide.
On a side note, I hope this is just testing code because otherwise you are either using plain text password in your database or doing some password encoding on the client side which neither is a good idea.
By the way, please post your code as text not images. There are coding tags that you can use (the </> button in the editor toolbar).
-
Hi,
That's something you need to do at the backend level.
But why would you need your user to tell you which department(s) they belong to as part of their login data ? It's typically something that is stored as part of the user profile/data and not something that one needs to provide.
On a side note, I hope this is just testing code because otherwise you are either using plain text password in your database or doing some password encoding on the client side which neither is a good idea.
By the way, please post your code as text not images. There are coding tags that you can use (the </> button in the editor toolbar).
-
I read and understood your question.
My own questions are still valid.
My remarques about doing the check on the backend side is still valid as well.
Your code does a check using the department name but the code is wrong as you are breaking the string the way you try to do it.
In any case, since you are on Python, I would recommend taking a look at SQLAlchemy's ORM. This will help you write simpler and cleaner code rather than building all your queries by hand.
-
I read and understood your question.
My own questions are still valid.
My remarques about doing the check on the backend side is still valid as well.
Your code does a check using the department name but the code is wrong as you are breaking the string the way you try to do it.
In any case, since you are on Python, I would recommend taking a look at SQLAlchemy's ORM. This will help you write simpler and cleaner code rather than building all your queries by hand.
-
Sorry if I sound brutal but you should rather get a better understanding of how managing users works than ready made code.
From the looks of it, you are accessing your school's main database, correct ?
If so there's likely already some documented way to access these information.
If not, then I would highly recommande to first take a look at how this can be implemented with frameworks like Django.
If accessing a readymade database, then again, take a look at SQLAlchemy's ORM to handle the database communication/query part.
-
Sorry if I sound brutal but you should rather get a better understanding of how managing users works than ready made code.
From the looks of it, you are accessing your school's main database, correct ?
If so there's likely already some documented way to access these information.
If not, then I would highly recommande to first take a look at how this can be implemented with frameworks like Django.
If accessing a readymade database, then again, take a look at SQLAlchemy's ORM to handle the database communication/query part.
@SGaist never mind. It's obvious you have no clue. Anything that can be imagined can be made possible. Don't worry, I will come up with something and fix it before the week runs out if I'm less busy.
I love programming, if one can think logically, one can manipulate things. I've programmed some projects lime this before using conditions. I hope to do so with this just that I've been too busy with lot of tasks.
Once again, thanks for your time.
-
@CEO said in Verifying User Login:
@SGaist never mind. It's obvious you have no clue
I sure have no clue about the database you are using to store your user information as you did not give any information about it nor did you say the exact error you are hitting.
-
Sorry if I sound brutal but you should rather get a better understanding of how managing users works than ready made code.
From the looks of it, you are accessing your school's main database, correct ?
If so there's likely already some documented way to access these information.
If not, then I would highly recommande to first take a look at how this can be implemented with frameworks like Django.
If accessing a readymade database, then again, take a look at SQLAlchemy's ORM to handle the database communication/query part.
-
@CEO said in Verifying User Login:
@SGaist never mind. It's obvious you have no clue
I sure have no clue about the database you are using to store your user information as you did not give any information about it nor did you say the exact error you are hitting.
@SGaist Eureka!!!
I just got it right!!Now see how I resolved it.
result = conn.execute("SELECT * FROM tableName WHERE usernameID = ? AND pw = ? AND department = 'Computer Science' ", (username, password) )
Eureka!
If you can imagine it, then it can happen.
-
That is what my answer contained.
@SGaist said in Verifying User Login:
Your code does a check using the department name but the code is wrong as you are breaking the string the way you try to do it.
Since you are commanding that stuff, I stand by my suggestions about database handling. You really should use a framework that allows modeling of your data and also please do not store password in plaintext.
-
That is what my answer contained.
@SGaist said in Verifying User Login:
Your code does a check using the department name but the code is wrong as you are breaking the string the way you try to do it.
Since you are commanding that stuff, I stand by my suggestions about database handling. You really should use a framework that allows modeling of your data and also please do not store password in plaintext.
-
That is what my answer contained.
@SGaist said in Verifying User Login:
Your code does a check using the department name but the code is wrong as you are breaking the string the way you try to do it.
Since you are commanding that stuff, I stand by my suggestions about database handling. You really should use a framework that allows modeling of your data and also please do not store password in plaintext.
@SGaist again if you look at my line of code for the SQL statement, you would have seen the statement was actually correct, the error I made was enclosing the name of the department in double quotes like this ... "Computer Science". Microsoft SQL doesn't accept double quotes for string values (varchar) as in my case.
I should have enclosed it in a single quote like this ... department = 'Computer Science'The data type for the field department in my table is varchar(30)
The library I'm using is pyodbc.
PyQt5 gui framework.
I should have given more details in my opening post. I thought I did actually.
MySql uses double quotes for string values, Microsoft SQL uses single quotes
-
And again as well, the image of the code you posted shows that your Python code is invalid. As I already explained, your use of double quotes breaks the line of code itself. The fact that your DB server does not handle double quotes is an entirely different issue that cannot be deduced neither by the information nor the code you provided.
Since you did not tell which type of database you were using, nor the exact error(s) you were getting, the only obvious one was the fact that that line was invalid code.
On a side note, the double quote handling of MySQL is in fact non standard so you were currently lucky with that one.
Since you are using Qt, you might want to take a look at the Qt SQL module.
