We've been looking at the use and handling of exceptions at a fairly low level of detail; syntax and definitions. This case study will help tie it all in with our previous chapters so we can see how exceptions should be used in the larger context of objects, inheritance, and modules.

Today, we'll be designing a simple, central authentication and authorization system. The entire system will be placed in one module, and other code will be able to query that module object for authentication and authorization purposes. We should admit, from the start, that we aren't security experts, and that the system we are designing may be full of security holes. It will be sufficient, however, for a basic login and permission system that other code can interact with. Later, if that other code needs to be made more secure, we can have a security or cryptography expert review or rewrite our module, without changing the API.

Authentication is the process of ensuring a user is really the person they...