-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathyourprog.ort
More file actions
46 lines (36 loc) · 1.21 KB
/
yourprog.ort
File metadata and controls
46 lines (36 loc) · 1.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
struct user {
field email email unique;
field hash password;
field id int rowid;
search email, hash: name creds
comment "Search for the user by their email address and
password (which is hashed of course). This is
how the login sequence typically works.";
update email: id: name email
comment "Change the user's email address.";
update hash: id: name pass
comment "Change the user's password.";
comment "The operator of this application.";
};
struct sess {
field user struct userid;
field userid:user.id int;
field token int
comment "Random cookie value. This makes it so that
adversaries can't guess predictable session id
values and hijack other sessions.";
field id int rowid;
delete id, token: name id
comment "Delete a session. In a real app, it's not
likely that one will delete anything, opting
for a delete-time or similar field, but this
keeps things simple.";
insert;
search id, token: name creds
comment "Search for the session by its unique identifier
pair. This is how browsers look up their
current session.";
comment "This is a browser session. Browsers identify their
session with the id, which is guessable, and the token,
which is not.";
};