stackoom
  简体   繁体   中英

How can i use the html, javascript web storage for login script

 原文  2015-06-05 11:14:42       javascript/ html

Question

I want to use the web storage for my login system which has about 24 pages. i am trying to use the HTML-5 web storage api for session value storage. Here is what i have tried. 

      <div class="main">        
        <form id="form_id" method="post" name="myform">
          <table>
              <tr><td class="credentials-top">LoginID </td><td><input type="text" name="username" id="username" autofocus/></td></tr>
              <tr><td class="credentials-top">Password </td><td><input type="password" name="password" id="password"/></td></tr>
          </table>
          <input type="button" value="Login" class="btn btn-warning" onclick="validate(),senduser()"/>
        </form>
      </div>

javascript: 

function validate(){
    var username = document.getElementById("username").value;
    var password = document.getElementById("password").value;
    var role;
    if (password == "vp"){
        localStorage.setItem("role", "vp");
        return false;
    }
    else if (password == "sales"){
        localStorage.setItem("role", "sales");
        return false;
    }
    else if (password == ""){
        return false;
    }
    else{
        window.location = "login-failed.html";
    }
}

Here i want to set the value of role to vp or sales depending on password accecpted. and i want to use role value to check if the user is vp or sales, how can i do this?

1 answers

solution1
 3 ACCPTED  2015-06-05 12:35:31

As I understand, you're trying to retrieve the saved values from another page.

To do so, just read the values like you set them : 

role = localStorage.role

will give your variable back.

I would rewrite your code this way : 

<input type="button" value="Login" class="btn btn-warning" onclick="validate()"/>

function validate(){
    var username = document.getElementById("username").value;
    var password = document.getElementById("password").value;

    if(!password.length) return false;

    var role,
        allowedPasswords = ["vp","sales"]; // clean way to handle a large number of passwords without repeating your code

    if(allowedPasswords.indexOf(password) > -1){
        localStorage.role = password;
    }else{
        window.location = "login-failed.html";
    }

    senduser();
}

Although it is off-topic, I raise serious doubts about the security of a password that bould be "vp". I mean, you just can't seriously go into production with an application that accepts "vp" as a password.

Edit :

As Feeela mentioned, it is not more secure to store a password in clear, directly in the browser. However, althought the variable is called "password", It's not used as a password whatsoever. It's not used for authentication purposes. It's just a "role" in the company and should just be a "choose your role" dropdown. Having a password field for this is totally incongruous.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How can i add new javascript file in odoo 11.0 and call the script on load of web/login? How should I configure a Javascript Webapp so that it can use a Web Browser to view files in Google Cloud storage How can I encrypt HTML5 web storage? How can I use session storage in a Puppeteer script? How can i use html tags in javascript What local storage in html5 can I use safely in the browser ui thread and the web worker thread How can I use a variable of one <script> in another <script> in javascript? How can I disable downloading javascript with Loadrunner Web (Click and Script)? How can I convert web page with javascript to plain html? How can I create web service functionality via html and JavaScript
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM