I need an alternate ID field with built in validation.
|Reported by:||rcfeldmann||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I need users to enter an ID to access other users accounts. I do not want to rely only on the default sequential ID as it would be too easy for an incorrect entry to bring up a different user. Also malicious users can just sit and keep adding/subtacting one to every number to determine my entire user directory.
I would like to add two digits to the end of the ID to make an extended ID. The first part will be the core (django's default sequential number), concatenated with a digit that is calculated from the core's digits, concatenated again with a digit that is calculated from the previous two digits.
Example would be user 00000435 would become user 0000043527. (4+3+5=12 so just use the last digit of 2, 5+2=7 again using last digit if it were > 9)
I was thinking I just need to have an extra field in my database. So I would have ID and ID-Ext and make it appear to users as just one big ID. But here is the trouble.
1) How do I get this to be calculated automatically when a new user is added?
2) How do I get the URLs looking nice? Without the extension, it would be "site/users/00000435/", but I want them to enter "site/users/0000043527/".
Another benefit of this is that my site looks a little more professional without the problem of convincing people to add them to my site seeing their user ID as 00000005 letting them know I only have 4 other users at that point. Instead they see 0000000550.