Bummer! This is just a preview. You need to be signed in with a Basic account to view the entire video.
Start a free Basic trial
to watch this video
What good is a registration system without a way for the user to log in. We'll be using some additional packages for building a JWT and storing environmental variables.
Check out this course if you want to know more about Dependency Management with Composer
Packages
- PHP JWT by Firebase: a simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519.
- PHP dotenv: Loads environment variables from .env to getenv(), $_ENV and $_SERVER automagically.
-
0:00
We now need a way to allow our user to log in.
-
0:04
Once again, I've provided you with the form so
-
0:06
that we can focus on the logic behind the login system.
-
0:10
Our login system we use the related function that we use for
-
0:13
hashing passwords.
-
0:15
Password verify, this function will take the current password
-
0:19
stored in the database, extract the salt from it and try to generate
-
0:24
the same password hash again with the provided password from the form.
-
0:29
It will return true or false,
-
0:31
depending on if the new hash password matches the stored password hash.
-
0:36
We will also be introducing you to a couple new tools that will be installed
-
0:41
via Composer, PHP JWT, and php.env.
-
0:47
PHP JWT is a JSON Web Token package that allows you
-
0:51
to generate a job that will store in our cookie.
-
0:55
Php.env is a nice package to set environment variables based on a file.
-
1:01
Since we're going to need a new package for
-
1:03
this system, let's install our new package through Composer.
-
1:06
In your workspace go to view, show console.
-
1:11
This will provide you with a prompt for your project.
-
1:14
The package we're going to be using is the php-jwt by Firebase.
-
1:20
So let's type in composer
-
1:25
require firebase/php-jwt.
-
1:31
This will install the package and update your composer.json and composer.loc files.
-
1:39
We also need to require the php.env package.
-
1:43
As a second way of doing this, you could open the composer.json file.
-
1:53
Find the require section and
-
1:59
add "vlucas/phpdotenv" : ^2.4.
-
2:08
Make sure that you add a comma to separate these two packages.
-
2:11
This method requires that you know the latest stable release or
-
2:15
version that you want to use.
-
2:17
After updating your json file go back to the console.
-
2:24
And type composer update.
-
2:30
We need to create a new .env file in our project.
-
2:34
This is where we'll store environment variables.
-
2:37
I'll go over this in just a little bit, but
-
2:39
before we do that, let's create our login procedure.
-
2:43
In the procedures folder, create a new file.
-
2:47
Name this doLogin.php.
-
2:56
Start off like the rest of the procedures with the bootstrap file.
-
3:12
Now, let's get the user by the email address that was supplied.
-
3:31
If the user array that is returned is empty, then we need to redirect back to
-
3:36
the login screen since the user with that email does not exist.
-
3:42
If (empty($user)
-
3:48
redirect('/login.
-
3:54
Next, we need to check to see if the passwords match.
-
3:58
Since the password is hashed,
-
4:00
we cannot just compare what was provided to us with what is in the database.
-
4:05
We can, however use the password_verify function to do so.
-
4:14
If (!password_verify(request()
-
4:22
=>get('password'), and
-
4:28
then the user password.
-
4:41
Again we'll redirect to the login page.
-
4:47
If we get past both these checks the user can log in.
-
4:51
So let's create a jot to store in our cookie.
You need to sign up for Treehouse in order to download course files.
Sign up