Running a REPL inside your program is fairly easy but not terribly
safe. E.g., you can dedicate a thread to reading a network port and
executing whatever code fragments you send. But you need to take
precautions, limiting what it is allowed to do, and who can access
it, so unauthorized users can't screw up your program.
In my apps I make hot tweak settings available through a secured web
interface. The "variables" are functions exported from my
configuration module (similar to the way parameters work).
(define-syntax getter/setter!
(syntax-rules ()
((getter/setter!)
; -- start template
(let [(var null)]
(lambda x
(cond
([null? x] var)
([pair? x] (set! var (car x)))
(else (error))
))
)
; -- end template
)))
(define some-config-var (getter/setter!))
Then
(some-config-var <value>) changes the value,
and
(some-config-var) gets the current value.
It's simplistic, but it works well. I haven't run into the need for
more explicit synchronization, but if needed it would be simple to
add a semaphore / mutex to the macro.
During program execution I can tweak these "variables" using a
special HTML page that lets me review and set many variables all at
once. But it could be done using a bunch of simple handlers - one
per variable - that could be command line driven using curl.
In your case, you could create an "update-user" URL handler that
updates your hash from its arguments. If you give it an hard to
guess name and don't document it, then it may be reasonably safe.
YMMV,
George