He talks about how several topics are used in his Redux library including hashing, salts, a method for getting/resetting a forgotten password and how to use database sessions to manage users logged in.

The Redux Authentication System is a "great CodeIgniter Auth library. It's light, easy to use and fully featured. It's a great choice for your new or existing project due to the power it gives to the developer".

It was a shame really as it was a really exciting project with Microsoft leading the way in the area. It's been only recently that Google and Yahoo have caught up and released their own APIs for accessing their users data. [...] With the possibility of actually using the code myself creeping up on the horizon I decided to put the time in to write wrappers for PHP. It can be broken down into two components.

These two components are the delegated authentication, used to get permission from the user to grab the data, and the actual interface to the Windows Live Contacts data. Both packages have been submitted to PEAR.

Starting yesterday, I opened up my IDE, updated PHPUnit, and got cracking. At the current rate of development a Consumer is likely at the weekend. I've already started writing up a formal proposal for PEAR and, of course, the Zend Framework also. I'm thankful the OAuth specification is this simple - it's one of the easiest to read specifications I've had to pleasure to work with.

He notes that an update to the API's Core (from 1.0 to 1.1) might be on the horizon, but can't see it affecting extensions/packages that much. He also mentions Extensions - not PHP extensions, these are augmentations to the OAuth core that allow for other different functionality to be included (like Discovery).

• Zend Framework Login: Creating Switching for Front Page
• Zend Framework Login: Creating Logout
• Zend Framework Login: Protected Page
• Zend Framework Login: Fatal error Cannot use object of type stdClass as array
• Zend Framework Login: Creating Authentication
• Zend Framework Login: Creating Form Login
• Zend Framework Login: Preparing Database

Check out their site (or grab their feed) for more PHP-related articles and tutorials.

The typical issue is that they're unsure how to combine: an authentication adapter, a login form, a controller for login/logout actions and checking for an authenticated user in subsequent requests. It's not terribly difficult, but it does require knowing how the various pieces of the MVC fit together, and how to use Zend_Auth. Let's take a look.

He gives the complete code for a loin controller to cover most of that functionality and an example showing how to check for and keep track of which users have been authenticated.

I just wanted to document this for easy future reference but if you don't want to hook up a complex user adminstration with authorization components, you can simply specify that the admin path be password protected in either your .htaccess file or in your httpd.conf.

This method is actually one of the built-in methods Apache has for restricting access (http authentication) that he's placed on his "/admin" directory. Call htpasswd to create the password file and you're all set to go.