所以我有了这个黑盒认证方法，是账户人传给我的，基本上相当于ldap_bind($connection, $username, $password).但当然，我希望我的用户能够一次登录 30 天.

So I have this black box authentication method, handed down to me from the accounts people, which basically amounts to ldap_bind($connection, $username, $password). But of course, I want my users to be able to log in for, say, 30 days at a time.

处理此问题的简单但不安全的方法是将用户名和密码存储在纯文本 cookie 中，然后在每次用户访问时使用我的黑匣子验证它们.

The naive but insecure way to handle this is to store the username and password in plaintext cookies, then validate these using my black box every time the user visits.

通常可行但由于我的黑匣子而无法使用的方法是将用户的密码存储在数据库中(或将其存储为散列?)，并将散列后的版本存储在 cookie 中，然后比较值.这在这里不起作用，因为我的黑匣子需要实际密码，而不是散列密码.

The way that usually works but doesn't because of my black box is to store the user's password in the database (or store it hashed?), and store the hashed version in the cookie, and then compare the values. This doesn't work here since my black box demands the actual password, not a hashed password.

我目前的想法是某种加密(与散列相反).但由于这显然是一个常见问题，我想我最好先问问周围是否有更好的解决方案，或者如果没有，你会建议加密/解密方法.

My current thought is some kind of encryption (as opposed to hashing). But since this is obviously a common problem, I thought I'd best ask around first to see if there's a better solution lying around, or if not, what you would suggest for the encryption/decryption method.

推荐答案

这并不能真正回答你的问题，但你不应该存储你的用户密码，甚至不加密.

This will not really answer your question, but you should NOT store your users passwords, not even encrypted.

如果您真的必须这样做，并且用户明白您正在这样做.然后将密码存储在应用程序的数据库中(当然是加密的)，然后向用户发送带有哈希的 cookie.当用户想要登录时，将哈希值与您存储的内容进行比较，然后才将未加密的密码发送到 ldap.永远不要将密码(甚至没有加密)发送到用户的机器.

If you really really have to do it, and the users understand that you are doing it. then store the password in a database of your application (encrypted, of course) and then send the user a cookie with a hash. When the user wants to login, compare the hash to what you stored and only then send the unencrypted password to the ldap. Never send the password (not even encrypted) to the user's machine.

同样，这是一个非常糟糕的做法.如果 ldap 不允许您存储会话/密码，那么这可能是有充分理由的.

Again, this is a very bad practice. if the ldap does not allow you store sessions/passwords then there is probably a good reason for this.