我可以使用用户ID作为帐号

[英]Can I use user id as account number


I have users less then million. I use MySQL and table creates auto increment from 100000 (6 digits). If any problem if i use user id as account number for small web application. What is the best way in practice?

我的用户少于百万。我使用MySQL和表创建自动增量从100000(6位)。如果我使用用户ID作为小型Web应用程序的帐号有任何问题。练习中最好的方法是什么?

2 个解决方案

#1


Fairly unspecified what an account number exactly means. In general, you can use that but in my opinion, the user-id is a technical information which should NOT get outside of the system to the customer (for security reasons). I suggest to create a GUID or any other generated (unpredictable)id for each user and then use that as account number to give "outside". With this approach, no user can "predict" the ID of another user.

相当未指明帐号的确切含义。一般情况下,您可以使用它,但在我看来,user-id是一种技术信息,不应该从系统外部传递给客户(出于安全原因)。我建议为每个用户创建一个GUID或任何其他生成的(不可预测的)ID,然后将其用作帐号以给出“外部”。使用这种方法,没有用户可以“预测”另一个用户的ID。

#2


Generally, I would decouple business logic from application logic even if the overlap is evident. The way key generation happens in databases could leave gaps and/or your app may not produce keys at the time needed. A simple key generator (synchronized maybe) maybe better. That said, here is more in this dialog for you to ponder upon.

通常,即使重叠很明显,我也会将业务逻辑与应用程序逻辑分离。数据库中密钥生成的方式可能会留下空白和/或您的应用程序可能无法在需要时生成密钥。一个简单的密钥生成器(可能同步)可能更好。也就是说,这个对话框中有更多内容供您思考。


注意!

本站翻译的文章,版权归属于本站,未经许可禁止转摘,转摘请注明本文地址:https://www.itdaan.com/blog/2015/05/06/59757053ee2d742fc7a55fc4e629f7f5.html



 
  © 2014-2022 ITdaan.com 联系我们: