- PHP
- Advanced
About this Course
Learn how to implement a custom user authentication system that controls users access to web resources, using password hashing and JSON Web Tokens for security. The system lets users sign up, log in, and log out, limiting access to certain actions based on authorization.
What you'll learn
- Authentication vs Authorization
- Cookies vs. Session Storage
- JSON Web Tokens (JWT)
- Securing Passwords
What is Authentication
You may think that authentication is one of the easiest parts of your application, and yes, it can be. However, to do authentication correctly can be a very difficult thing. If you manage your passwords incorrectly, it opens you up to a huge security vulnerability that will cost you later on down the road. Learning about the basics is the first place to start.
6 stepsBuilding the Library
It is time to build the core of our application without any of the complexity of authentication or authorization. This stage is all about setting up the files we need for viewing our books and adding more to our list.
10 stepsAdding Authentication to Your Application
We now have the core of our application built, however it is open to the world to use and edit/delete any book. We should set up some sort of authentication system to prevent this and allow a user to “own”!
13 steps-
Registration System
6:08
-
Securing Passwords
5:38
-
Login Systems
4:53
-
Building a JWT
4:52
-
Authentication Review
5 questions
-
Working with Cookies
4:24
-
Require Authentication
5:22
-
Logging Out
3:13
-
Flash Messages
5:29
-
Cookies and Flash Messages
3 questions
-
User Profile
9:30
-
Reset Password
4:42
-
Password Hashing
1 objective
Setting up Authorization System
The last part of our project is a way to authorize a user to let them do things based on their role. We discussed in Stage 1 the difference between authentication, which we just finished, and authorization. We will now create the role of administrator who can manage users and edit and delete any book on the site.
7 stepsTeachers
-
Alena Holligan
After starting out in fine art and moving into graphic design, Alena found her passion for programming over 15 years ago and has never looked back. Alena enjoys community and is excited to introduce people to the wonderful world of PHP and the Portland Tech Community.
When not at her computer, Alena enjoys exploring Portland with her friends and family, including her 3 young children. She also enjoys the Symphony, Cooking, Books, Yarn and Yoga.
-
Brian Retterer
Brian Retterer has been working with PHP since the release of PHP 5. He has contributed to a number of private projects and consulted on many others. Brian is now working as the PHP Developer Evangelist for Stormpath where his roles include creating integrations in other frameworks to allow the use of the SDK, and managing the development of the Stormpath PHP SDK.