Site icon R-bloggers

Encrypt user’s password with md5 for you Shiny-app

[This article was first published on Category: R | Huidong Tian's Blog, and kindly contributed to R-bloggers]. (You can report issue about the content on this page here)
Want to share your content on R-bloggers? click here if you have a blog, or here if you don't.

In a previous blog, I post a simple authentication method for Shiny-app, and received several comments mainly concerning that I should encrypt user password. I agree, user’s password can be intercepted when it was transferring. To secure users’ personal information, I think we should consider both server and client sides. < !-- more -->

Your server could be hacked and all users’ personal information could be copied. Such things have happened to some big websites last year. Besides, when data was transferring through internet, due to signal attenuation issue, all data will be enhanced through some deviance, such like network switches, where users’ information could also be intercepted. So, how to secure your password? The best way is: don’t store it on server and don’t transfer it through internet!

What? Are you kidding? Sorry, I’m not!

The idea is simple: before transferring your password, encrypt it first. This is common concept for IT guys, but maybe not for most R users.

Shiny has no such feature, which belong to Shiny-pro, the commercial version. But we add it ourselves because Shiny is open.

  1. Includes md5.js to the head part of ui.R
  2. Create and includes a new ShinyBinding to receive the encrypted password.

That’s all!

Here is a demo (username: withr; passwd: 12345678) and you can find source code here.

To leave a comment for the author, please follow the link and comment on their blog: Category: R | Huidong Tian's Blog.

R-bloggers.com offers daily e-mail updates about R news and tutorials about learning R and many other topics. Click here if you're looking to post or find an R/data-science job.
Want to share your content on R-bloggers? click here if you have a blog, or here if you don't.