PHP User Authentication
Treehouse
Course Summary
Learn how to implement a custom user authentication system that controls users access to web resources, using password hashing and JSON Web Tokens for security. The system lets users sign up, log in, and log out, limiting access to certain actions based on authorization.
-
+
Course Description
About this Course Learn how to implement a custom user authentication system that controls users access to web resources, using password hashing and JSON Web Tokens for security. The system lets users sign up, log in, and log out, limiting access to certain actions based on authorization.
About the Teacher
Brian Retterer has been working with PHP since the release of PHP 5. He has contributed to a number of private projects and consulted on many others. Brian is now working as the PHP Developer Evangelist for Stormpath where his roles include creating integrations in other frameworks to allow the use of the SDK, and managing the development of the Stormpath PHP SDK.
-
+
Course Syllabus
What is Authentication
You may think that authentication is one of the easiest parts of your application, and yes, it can be. However, to do authentication correctly can be a very difficult thing. If you manage your passwords incorrectly, it opens you up to a huge security vulnerability that will cost you later on down the road. Learning about the basics is the first place to start. 6 steps- Authentication vs Authorization 2:11
- Application Overview 1:26
- AuthN vs AuthZ 3 questions
- Cookies vs. Session Storage 2:57
- JSON Web Tokens 1:54
- Cookies vs Sessions 5 questions
Building the Library
It is time to build the core of our application without any of the complexity of authentication or authorization. This stage is all about setting up the files we need for viewing our books and adding more to our list. 10 stepsAdding Authentication to Your Application
We now have the core of our application built, however it is open to the world to use and edit/delete any book. We should set up some sort of authentication system to prevent this and allow a user to “ownâ€! 13 steps The last part of our project is a way to authorize a user to let them do things based on their role. We discussed in Stage 1 the difference between authentication, which we just finished, and authorization. We will now create the role of administrator who can manage users and edit and delete any book on the site. 7 steps