Heads up! To view this whole video, sign in with your Courses account or enroll in your free 7-day trial. Sign In Enroll
Preview
Start a free Courses trial
to watch this video
What good is a registration system without a way for the user to log in. We'll be using some additional packages for building a JWT and storing environmental variables.
Check out this course if you want to know more about Dependency Management with Composer
Packages
- PHP JWT by Firebase: a simple library to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519.
- PHP dotenv: Loads environment variables from .env to getenv(), $_ENV and $_SERVER automagically.
We now need a way to
allow our user to log in.
0:00
Once again,
I've provided you with the form so
0:04
that we can focus on the logic
behind the login system.
0:06
Our login system we use the related
function that we use for
0:10
hashing passwords.
0:13
Password verify, this function
will take the current password
0:15
stored in the database, extract
the salt from it and try to generate
0:19
the same password hash again with
the provided password from the form.
0:24
It will return true or false,
0:29
depending on if the new hash password
matches the stored password hash.
0:31
We will also be introducing you to
a couple new tools that will be installed
0:36
via Composer, PHP JWT, and php.env.
0:41
PHP JWT is a JSON Web Token
package that allows you
0:47
to generate a job that
will store in our cookie.
0:51
Php.env is a nice package to set
environment variables based on a file.
0:55
Since we're going to
need a new package for
1:01
this system, let's install our
new package through Composer.
1:03
In your workspace go to view,
show console.
1:06
This will provide you with a prompt for
your project.
1:11
The package we're going to be
using is the php-jwt by Firebase.
1:14
So let's type in composer
1:20
require firebase/php-jwt.
1:25
This will install the package and update
your composer.json and composer.loc files.
1:31
We also need to require
the php.env package.
1:39
As a second way of doing this,
you could open the composer.json file.
1:43
Find the require section and
1:53
add "vlucas/phpdotenv" : ^2.4.
1:59
Make sure that you add a comma
to separate these two packages.
2:08
This method requires that you
know the latest stable release or
2:11
version that you want to use.
2:15
After updating your json
file go back to the console.
2:17
And type composer update.
2:24
We need to create a new
.env file in our project.
2:30
This is where we'll store
environment variables.
2:34
I'll go over this in just a little bit,
but
2:37
before we do that,
let's create our login procedure.
2:39
In the procedures folder,
create a new file.
2:43
Name this doLogin.php.
2:47
Start off like the rest of
the procedures with the bootstrap file.
2:56
Now, let's get the user by the email
address that was supplied.
3:12
If the user array that is returned is
empty, then we need to redirect back to
3:31
the login screen since the user
with that email does not exist.
3:36
If (empty($user)
3:42
redirect('/login.
3:48
Next, we need to check to
see if the passwords match.
3:54
Since the password is hashed,
3:58
we cannot just compare what was provided
to us with what is in the database.
4:00
We can, however use
the password_verify function to do so.
4:05
If (!password_verify(request()
4:14
=>get('password'), and
4:22
then the user password.
4:28
Again we'll redirect to the login page.
4:41
If we get past both these
checks the user can log in.
4:47
So let's create a jot
to store in our cookie.
4:51
You need to sign up for Treehouse in order to download course files.
Sign up