Skip to main content
Version: Next

Validate password

Validate password ( userID ; password {; digest} ) : Boolean

ParameterTypeDescription
userIDInteger, TextUnique user ID or User name
passwordTextUnencrypted password
digestBooleanDigest password = True,
Plain-text password (default) = False
Function resultBooleanTrue = valid password False = invalid password

This command is not thread-safe, it cannot be used in preemptive code.

Description

Validate password returns True if the string passed in password is the password for the user account whose ID number or name is passed in userID.

The optional digest parameter indicates whether the password parameter contains a plain-text password or a hashed password (digest mode):

  • When you pass True, this indicates that password contains a hashed password (digest mode),
  • When you pass False or omit this parameter, this indicates that password contains a plain-text password.

This parameter is particularly helpful when using authentication database methods, in particular the On REST Authentication database method.

The command execution is now delayed to prevent flooding (brute force attack), in other words, attempts of multiple user name/password combinations. As a result, after the 4th call to this command, it is run only after a period of 10 seconds. This delay is throughout the entire work station.

Example 1

This example checks whether the password of the user “Hardy” is “Laurel”:

 GET USER LIST(atUserName;alUserID)
 $vlElem:=Find in array(atUserName;"Hardy")
 If($vlElem>0)
    If(Validate password(alUserID{$vlElem};"Laurel"))
       ALERT("Yep!")
    Else
       ALERT("Too bad!")
    End if
 Else
    ALERT("Unknown user name")
 End if

Example 2

In the On REST Authentication database method, you want to test a connection request (using the 4D users of the database). You can just write:

 $0:=Validate password($1;$2;$3)

See also

GET USER PROPERTIES
Set user properties
WEB Validate digest