Thanks for the question, Vini.
Asked: April 28, 2020 - 7:19 am UTC
Last updated: April 29, 2020 - 3:01 am UTC
Version: 19.1
Viewed 1000+ times
You Asked
I am developing a ticketing application and using custom authentication using below function.
create or replace FUNCTION user_Auth(p_username IN VARCHAR2,
p_password IN VARCHAR2)
RETURN BOOLEAN IS
lv_char CHAR(1);
lv_cnt NUMBER;
BEGIN
SELECT 'x'
INTO lv_char
FROM people
WHERE upper(p_username) = upper(username)
AND p_password = password;
apex_util.set_authentication_result(0);
RETURN TRUE;
EXCEPTION
WHEN OTHERS THEN
apex_util.set_authentication_result(4);
RETURN FALSE;
END user_Auth;
As of now it takes username and password from people table, which i use in my login page.
Can i customize it further so that whenever there is a new user created in people, that user is prompted to set his own password and after setting,that password is automatically stored in people table??
and Connor said...
Firstly.... do not store passwords... like ever!
See here for how to do it
https://asktom.oracle.com/pls/apex/asktom.search?tag=hashing-vs-passwords Typically for the requirement you want, someone would be given a default password with a flag on the PEOPLE table saying "this is a new user". Thus they will successfully authenticate with the default password, and then the flag will be your mechanism to then divert them to the "pick a new pasword" page.
But are you sure you're not re-inventing the wheel here? Perhaps use APEX authentication to handle the logging in part, and then join to a PEOPLE table to have your own customisations etc