Validate a user by password in perspective

In vision I can validate a user by password by using **system.security.validateUser(username, password, authProfile, timeout)
In perspective is the other hand, the system.perspective.isAuthorized() can’t check the current login user password.
I need this because after a user login in the system, I want each time the user want to send dangerous command, he is recheckef by the his password. In this way other operator which seat there can’t send the command if the current login operator left the control room for just a minute.(for example go-to WC)
The system.perspective.isAuthorized() can’t get the current user password again to validate it.
Is there any way to do this right now in perspective? for example access user password in session props.

Hi Nader,
Where you able to figure out how to do this ? If so, Do you mind sharing the workaround ?

You can get the current users user name from the session props.

Just have a ‘login pop-up view’ that is pre-populated with the current users user name, then have them re-enter the correct password. Then validate with system.security.validateUser

If they get the password right, execute the command.

	valid = False
	user =  self.session.props.auth.user.id
	password = self.getSibling("PasswordField").props.text
	valid = system.security.validateUser(user,password)

You could even use the system.security.getUserRoles(user, password) command to double check that they have permission to execute the command

Yes the only way in perspective is to create a sqlite file and save user password in it so you can use it in future checking.

The system.security.validateUser only valid for vision as I remember

encrypted ofc

Salted and hashed, not encrypted.

3 Likes

yes that is what i ment^^

Thanks Everyone for your inputs. I ended up getting it working usin system.security.validateUser function which is supported on Perspective.

Oh really now it supported by perspective?
But the docs scope section include only vision

The docs list the first signature as Vision Client, and the second as Gateway + Perspective Session… not sure if that’s intentional or not. I think it might be because the timeout parameter isn’t used on the gateway version.

2 Likes