Objective c 如何验证帐户';密码
我在我的应用程序中询问帐户的密码(在mac中登录的密码)。如何验证用户输入的密码 我想是这样的,但不起作用:Objective c 如何验证帐户';密码,objective-c,macos,Objective C,Macos,我在我的应用程序中询问帐户的密码(在mac中登录的密码)。如何验证用户输入的密码 我想是这样的,但不起作用: -(BOOL)authenticatePassword:(char *)password adminName:(char *)userName { BOOL retValue = NO; OSStatus status,status1; AuthorizationFlags flag; AuthorizationItem items[2]; i
-(BOOL)authenticatePassword:(char *)password adminName:(char *)userName
{
BOOL retValue = NO;
OSStatus status,status1;
AuthorizationFlags flag;
AuthorizationItem items[2];
items[0].name = kAuthorizationEnvironmentPassword;
items[0].value = password;
items[0].valueLength = strlen(password);
items[0].flags = 0;
items[1].name = kAuthorizationEnvironmentUsername;
items[1].value = userName;
items[1].valueLength = strlen(userName);
items[1].flags = 0;
AuthorizationItemSet itemSet = {2,items};
status = AuthorizationCreate(NULL, &itemSet, kAuthorizationFlagDefaults, &authorization_);
if(status == errAuthorizationSuccess) {
AuthorizationRights rights = {2,&items};
//AuthorizationEnvironment kEnviroment = {2, items};
AuthorizationFlags flag1 = kAuthorizationFlagDefaults;
status1 = AuthorizationCopyRights(authorization_, &rights,NULL, flag1, NULL);
if(status1 == errAuthorizationSuccess) {
retValue = YES;
}
}
return retValue;
}
authorization services API
将验证密码是否错误并再次提示。在authorization Copyrights
调用中,验证的用户凭据应位于环境参数中(注释掉的行)rights参数应该包含您希望使用此用户凭据获得的权限
权限可以包含内置权限或用户创建的权限,使用内置权限更简单,因为创建用户定义的权限需要管理员权限
下面的代码将为您实现这一目的,只需使用username/password参数调用AuthenticateForRight
,它将尝试获得authorizationDB中内置的allow权限,该权限需要有效的用户凭据
要与自定义权限一起使用,您应该调用SetupAuthorizationForRight
,并在authenticationDB中创建权限的管理员权限,之后,您可以随时通过AuthenticateForRight
检查用户凭据,作为普通用户,只需传递rightName参数,您也可以第一次传递SetupAuthorizationForRight
// original code: https://developer.apple.com/library/mac/#technotes/tn2095/_index.html
// https://developer.apple.com/library/mac/documentation/Security/Conceptual/authorization_concepts/03authtasks/authtasks.html#//apple_ref/doc/uid/TP30000995-CH206-BCIGEHDI
bool SetupAuthorizationForRight(const char* rightName)
// Called as the application starts up. Creates a connection
// to Authorization Services and then makes sure that our
// right is defined.
{
OSStatus err;
// Connect to Authorization Services.
AuthorizationRef authorization = NULL;
err = AuthorizationCreate(NULL, NULL, 0, &authorization);
// Set up our rights.
if (err == noErr) {
// Check whether our right is already defined.
err = AuthorizationRightGet(rightName, NULL);
if (err == noErr) {
// A right already exists, either set up in advance by
// the system administrator or because this is the second
// time we've run. Either way, there's nothing more for
// us to do.
} else if (err == errAuthorizationDenied) {
// The right is not already defined. Let's create a
// right definition based on the custom (not canned) rule defined
// in the dictionary below.
// The system administrator can modify this right as they
// see fit.
CFStringRef keys[2] = {CFSTR("class"), CFSTR("group")};
CFStringRef values[2] = {CFSTR("user"), CFSTR("everyone")};
// Allow access for every user - all of local and remote users are in the
// 'everyone' group, so this is a safe rule
CFDictionaryRef aDict = CFDictionaryCreate(NULL, (const void **)keys, (const void **)values, 2,
&kCFCopyStringDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
err = AuthorizationRightSet(
authorization, // authRef
rightName, // rightName
aDict, // rightDefinition
CFSTR("Authenticate to log in via YourAppName."), // descriptionKey
NULL, // bundle, NULL indicates main
NULL // localeTableName,
); // NULL indicates "Localizable.strings"
if (aDict) {
CFRelease(aDict);
}
if (err != noErr) {
NSLog(@"Cannot set up authorization entry. Error: %d", err);
}
}
} else {
NSLog(@"Cannot open authorization database. Error: %d", err);
}
return (err == noErr);
}
bool AuthenticateForRight(const char* username, const char* password, const char* rightName)
{
OSStatus status = noErr;
if (rightName) {
if ((status = SetupAuthorizationForRight(rightName)) != noErr)
return false;
}
else
rightName = "allow"; // Allow right rule always defined by default and only authenticated users has this right
AuthorizationRef authRef = 0;
AuthorizationItem environment[2] = {{NULL, 0, NULL, 0}, {NULL, 0, NULL, 0}};
int numItems = 0;
if (username) {
AuthorizationItem item = { kAuthorizationEnvironmentUsername, strlen(username), (char*)username, 0 };
environment[numItems++] = item;
if (password) {
AuthorizationItem passItem = { kAuthorizationEnvironmentPassword, strlen(password), (char*)password, 0 };
environment[numItems++] = passItem;
}
}
AuthorizationItem right = {NULL, 0, NULL, 0};
right.name = rightName;
right.valueLength = 0;
right.value = 0;
AuthorizationRights rightSet = { 1, &right };
AuthorizationRights environmentSet = { static_cast<unsigned int>(numItems), environment };
status = AuthorizationCreate(NULL, &environmentSet, kAuthorizationFlagDefaults, &authRef);
if (status != noErr) {
NSLog(@"Cannot create authorization reference. Error: %d", status);
return false;
}
AuthorizationFlags flags = kAuthorizationFlagExtendRights | kAuthorizationFlagPreAuthorize; // | kAuthorizationFlagInteractionAllowed; <- Just for debugging, will display the OS auth dialog if needed!!!
status = AuthorizationCopyRights(authRef, &rightSet, &environmentSet, flags, NULL );
AuthorizationFree(authRef,kAuthorizationFlagDestroyRights);
return (status == noErr);
}
//原始代码:https://developer.apple.com/library/mac/#technotes/tn2095/_index.html
// https://developer.apple.com/library/mac/documentation/Security/Conceptual/authorization_concepts/03authtasks/authtasks.html#//apple_ref/doc/uid/TP30000995-CH206-BCIGEHDI
bool SetupAuthorizationForRight(常量字符*rightName)
//在应用程序启动时调用。创建一个连接
//到授权服务,然后确保
//权利是有定义的。
{
骨性关节炎;
//连接到授权服务。
AuthorizationRef authorization=NULL;
err=AuthorizationCreate(NULL、NULL、0和authorization);
//确立我们的权利。
如果(err==noErr){
//检查我们的权利是否已经定义。
err=AuthorizationRightGet(rightName,NULL);
如果(err==noErr){
//已存在一项权利,或者由
//系统管理员或因为这是第二个
//我们已经跑了。不管怎样,我们都没有更多的时间了
//让我们去做。
}else if(err==errAuthorizationDenied){
//右侧尚未定义。让我们创建一个
//基于定义的自定义(非固定)规则的权限定义
//在下面的字典里。
//系统管理员可以根据需要修改此权限
//见好就收。
CFStringRef键[2]={CFSTR(“类”),CFSTR(“组”)};
CFStringRef值[2]={CFSTR(“用户”),CFSTR(“每个人”)};
//允许每个用户访问-所有本地和远程用户都在
//“每个人”组,所以这是一个安全的规则
CFDictionaryRef aDict=CFDictionaryCreate(NULL,(const void**)键,(const void**)值,2,
&kCFCopyStringDictionaryKeyCallBacks,
&kCFTypeDictionaryValueCallBacks);
err=AuthorizationRightSet(
授权,//authRef
rightName,//rightName
aDict,//rightDefinition
CFSTR(“通过您的AppName进行身份验证登录)”,//descriptionKey
NULL,//bundle,NULL表示主
NULL//localeTableName,
);//NULL表示“Localizable.strings”
国际单项体育联合会(aDict){
CFD发布(aDict);
}
如果(错误!=noErr){
NSLog(@“无法设置授权项。错误:%d”,错误);
}
}
}否则{
NSLog(@“无法打开授权数据库。错误:%d”,错误);
}
返回(err==noErr);
}
bool AuthenticateForRight(常量字符*用户名,常量字符*密码,常量字符*右名称)
{
骨状态=noErr;
if(rightName){
如果((状态=SetupAuthorizationForRight(rightName))!=noErr)
返回false;
}
其他的
rightName=“allow”;//默认情况下始终定义允许权限规则,并且只有经过身份验证的用户才具有此权限
AuthorizationRef authRef=0;
AuthorizationItem环境[2]={{NULL,0,NULL,0},{NULL,0,NULL,0};
int numItems=0;
如果(用户名){
AuthorizationItem={kAuthorizationEnvironmentUsername,strlen(username),(char*)用户名,0};
环境[numItems++]=项目;
如果(密码){
AuthorizationItem passItem={KAAuthorizationEnvironmentPassword,strlen(password),(char*)password,0};
环境[numItems++]=passItem;
}
}
AuthorizationItem right={NULL,0,NULL,0};
right.name=rightName;
right.valueLength=0;
右值=0;
AuthorizationRights rightSet={1,&right};
AuthorizationRights environmentSet={static_cast(numItems),environment};
状态=AuthorizationCreate(NULL,&environmentSet,KAAuthorizationFlagDefaults,&authRef);
如果(状态!=noErr){
NSLog(@“无法创建授权引用。错误:%d”,状态);
返回false;
}
AuthorizationFlags flags=KauthorizationFlagExtenderRights | kAuthorizationFlagPreAuthorize;//| kAuthorizationFlagInteractionAllowed;以下是我的代码供您参考
char *password = "password";
char *userName = "account";
AuthorizationRef authorization = NULL;
AuthorizationItem items[2];
items[0].name = kAuthorizationEnvironmentPassword;
items[0].value = password;
items[0].valueLength = strlen(password);
items[0].flags = 0;
items[1].name = kAuthorizationEnvironmentUsername;
items[1].value = userName;
items[1].valueLength = strlen(userName);
items[1].flags = 0;
AuthorizationRights rights = {2, items};
AuthorizationEnvironment enviroment = {2, items};
// Creates a new authorization reference and provides an option to authorize or preauthorize rights.
AuthorizationCreate(NULL, &enviroment, kAuthorizationFlagDefaults, &authorization);
AuthorizationFlags flag = kAuthorizationFlagDefaults| kAuthorizationFlagExtendRights;
OSStatus status = AuthorizationCopyRights(authorization, &rights, &enviroment, flag, NULL);
if(status == errAuthorizationSuccess)
{
NSLog(@"Pass");
}
else
{
NSLog(@"Fail");
}