Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Start a free Courses trial
to watch this video
Our login system will utilize cookies to store information about our user, however, we will be using JWT’s that are signed with a secret key to make sure the cookie is not modified or falsified to get into the system.
Steps to Creating a .env file
- Preview your site in a browser again and copy the domain name from the url.
- In the 'inc' folder, create a new file named env.txt
- open the file and create 2 lines:
SECRET_KEY= string_of_64_random_characters COOKIE_DOMAIN= url_from_step_1
** NOTE: Do NOT include the ending slash on the url ** - Close the file and rename env.txt to .env
is_admin?
$user['role_id'] == 1
This check if the users role id is equal to 1, meaning an admin, and returns true or false.
JWT Claim Details
Review JSON Web Tokens video
iss | Issuer | Who issues this claim? |
sub | Subject | Who is the subject? |
exp | Expiration Time | When this JWT expires |
iat | Issued At | Seconds since epoch |
nbf | Not Before | Seconds since epoch |
is_admin | Private Claim Data | Is the user an Admin? |
Additional Resources
- time() function: + number of seconds. 60 minutes in an hour, multiplied by 60 seconds in a minute, equals 3600 seconds.
- Cookies vs Session Storage
- Signing Algorithms
Related Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign upRelated Discussions
Have questions about this video? Start a discussion with the community and Treehouse staff.
Sign up
You need to sign up for Treehouse in order to download course files.
Sign upYou need to sign up for Treehouse in order to set up Workspace
Sign up