How to use MySQL and Ruby to implement a simple user rights management function

How to use MySQL and Ruby to implement a simple user rights management function

With the development of the Internet, it is increasingly important to use the user rights management function of the system. Through reasonable permission management, you can ensure that users can only access information and functions within their permissions, improving the security and manageability of the system. This article will introduce how to use MySQL and Ruby language to implement a simple user rights management function, and provide specific code examples.

1. Create database and tables

First, we need to create a data table in the MySQL database to record user and permission information. You can use the following SQL statement to create a table named users:

CREATE TABLE users (
  id INT PRIMARY KEY AUTO_INCREMENT,
  username VARCHAR(50) NOT NULL UNIQUE,
  password VARCHAR(50) NOT NULL,
  role ENUM('admin', 'user') NOT NULL
);

This table contains the following fields:

• id : User ID, self-increasing integer type, used as primary key
• username: User name, unique, cannot be empty
• password: User password, Cannot be empty
• role: User role, optional values ​​are admin and user, cannot be empty

2. Connecting to the database

In the Ruby code, we use the mysql2 library to connect to the MySQL database. You can use the following code example to connect to the database:

require 'mysql2'

# 创建数据库连接
client = Mysql2::Client.new(
  host: 'localhost',
  username: 'root',
  password: 'password',
  database: 'test'
)

In the above code, host, username, password and databaseIndicates the host name, user name, password and database name of the database respectively. Modify these values ​​as appropriate to connect to the correct database.

3. Add users

Next, we can write code to implement the function of adding users. You can use the following code example to add a user to the database:

def add_user(username, password, role)
  # 检查用户名是否已存在
  query = "SELECT * FROM users WHERE username = '#{username}'"
  result = client.query(query)
  return false if result.count > 0

  # 添加用户到数据库
  query = "INSERT INTO users (username, password, role) VALUES ('#{username}', '#{password}', '#{role}')"
  client.query(query)
  true
end

# 调用示例
add_user('admin', 'admin_password', 'admin')

In the above code, the add_user method receives the username, password, and user role as parameters. Before adding a user, we first check if the username already exists in the database. If it exists, false is returned to indicate that the addition failed; if it does not exist, SQL statements are used to insert the user information into the database, and true is returned to indicate that the addition was successful.

4. Verify user

In order to implement the user's login function, we need to write code to verify whether the user's username and password are correct. You can use the following code example to authenticate the user:

def authenticate_user(username, password)
  query = "SELECT * FROM users WHERE username = '#{username}' AND password = '#{password}'"
  result = client.query(query)
  result.count > 0
end

# 调用示例
authenticate_user('admin', 'admin_password')

In the above code, the authenticate_user method receives the username and password as parameters. Use the username and password as conditions and use SQL statements to query whether matching records exist in the database. If it exists, it means that the username and password are correct and true is returned; otherwise, false is returned to indicate that the verification failed.

5. Verify user permissions

Finally, we can write code to verify that a user has specific permissions. You can use the following code example to verify user permissions:

def check_user_role(username, role)
  query = "SELECT * FROM users WHERE username = '#{username}' AND role = '#{role}'"
  result = client.query(query)
  result.count > 0
end

# 调用示例
check_user_role('admin', 'admin')

In the above code, the check_user_role method receives the user name and role as parameters. Use the user name and role as conditions and use SQL statements to query whether matching records exist in the database. If it exists, it means that the user has the permissions of the role, and true is returned; otherwise, it returns false, which means the user does not have the permissions of the role.

Summary

This article introduces how to use MySQL and Ruby language to implement a simple user rights management function. Through steps such as connecting to the database, adding users, verifying users, and verifying user permissions, user login and permission management functions can be implemented. I hope this article can help you understand how to use MySQL and Ruby to implement user rights management.

The above is the detailed content of How to use MySQL and Ruby to implement a simple user rights management function. For more information, please follow other related articles on the PHP Chinese website!