News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Ralph Schindler:
Authentication & Authorization in Apigility
March 27, 2014 @ 11:04:21

Those interested in the Apigility project from Zend might want to check out this new post from Ralph Schindler on how it handles authentication and authorization for all of the requests.

Apigility takes a lightweight, layered, yet extensible approach to solving both problems of authentication and authorization. The infrastructure is already in place and ready to be configured to use, or for more advanced use cases: to be extended. Many of these feature can be easily explored through the Apigility user interface.

He gets into authentication first, defining it briefly before getting into the Apigility-specific implementation. He talks about the three methods (HTTP basic, HTTP digest and OAuth2) and mentions where it falls in the execution as well as some screenshots of its setup. Following this he talks about the other half of the equation, authorization. He covers the "Authentication" header, the identity types and where you can find the configuration settings. He finishes off the post with an in-depth look at the different components, events and services/models that make up the authentication and authorization system and make it work.

0 comments voice your opinion now!
authentication authorization apigility introduction configuration

Link: http://ralphschindler.com/2014/03/26/authentication-authorization-in-apigility

NetTuts.com:
Laravel Unwrapped Session, Auth and Cache
March 11, 2014 @ 11:57:10

On NetTuts.com today there's a new tutorial introducing you to the Laravel framework and how to use its session, authentication/authorization and caching systems.

One thing though that not a lot of programmers take advantage of is Laravel's component-based system. Since its conversion to composer-powered components, Laravel 4 has become a very modular system, similar to the verbosity of more mature frameworks like Symfony. [...] In this tutorial, we'll be diving into a group of these components, learning how they work, how they're used by the framework, and how we can extend their functionality.

First up is the session component that lets you store the data in various places (file, cookie, etc) and how service providers fit into this. Next up is the Auth component, showing how to use the service providers to hook into a custom auth handler for finding and validating user logins. Finally, there's the Cache component. He shows how to apply a service provider to configure it, passing the data off to a MongoDB database to be stored.

0 comments voice your opinion now!
laravel tutorial session cache authentication serviceprovider framework

Link: http://code.tutsplus.com/tutorials/laravel-unwrapped-session-auth-and-cache--cms-19952

Gonzalo Ayuso:
Integrating WebSockets with PHP applications. Silex and socket.io playing together.
February 04, 2014 @ 09:37:25

Gonzalo Ayuso has a new post today showing you how you can integrate websockets with a PHP application using a combination of Silex and socket.io, a javascript library specifically made to work with them.

WebSockets are great. We can start a persistent connection from our browser to our server and use this connection to send real time notifications to our users. Normally when we integrate WebSockets with an existing Web application, we need to face with one slight problem. Our Web application runs on a Web server (imagine, for example one Silex application). We can use a login form and ensure all requests are authorized (using a security layer). This problem is solved years ago. We can use Basic HTTP authentification, Digtest authentification, a session based athentification, token based authentificatio, OAuth, The problem arrives when we add WebSocket server.

He mentions another solution - sharing an authentication mechanism between the frontend and backaned - but suggests something simpler using the bi-directional nature of websockets. To illustrate, he makes a simple Silex application and creates a basic template that makes the websocket request back to the localhost. He includes the simple code to make the socket.io server (node.js) and an example of using Express to handle the request and define the URL to call on the Silex application. He's also created a screencast showing the full process, start to finish.

0 comments voice your opinion now!
websockets socketio silex websockets tutorial authentication security

Link: http://gonzalo123.com/2013/12/24/integrating-websockets-with-php-applications-silex-and-socket-io-playing-together

PHPClasses.org:
Using Composer to Install JavaScript, CSS & Images Under the Web Document Directory
January 07, 2014 @ 12:36:07

On the PHPClasses.org site today there's a new post showing how to install more than just PHP packages with Composer including things like Javascript, CSS and image files.

By default Composer installs all package files under the vendor directory. If you want to install asset files in the Web document root directory, you need to resort to another solution. This Asset Manager package is a plugin that extends Composer to install any package files outside the vendor directory. Additionally, it can also read the user names and passwords from a configuration file, so you do not have to enter them every time Composer retrieves packages from repositories that may require authentication, like PHP Classes and JS Classes.

Using an asset manager plugin for Composer, he shows how to include an "extra" section into your "composer.json" for the other files. There's also an example of how to implement a custom installation action that, in this case, was used to implement the "extras" functionality. The post finishes up with a look at handling authentication in the Composer requests, using the same tool to parse a "config" section with Basic HTTP authentication information.

0 comments voice your opinion now!
composer package install javascript css image assets http authentication

Link: http://www.phpclasses.org/blog/package/8429/post/1-Using-Composer-to-Install-JavaScript-CSS-and-Images-Under-the-Web-Document-Directory.html

NetTuts.com:
Authentication With Laravel 4
November 12, 2013 @ 13:13:39

On NetTuts.com today there's a new tutorial posted showing you how to create user authentication with a Laravel framework-based application. Their example comes complete with registration and login code and the markup for the pages.

Authentication is required for virtually any type of web application. In this tutorial, I'd like to show you how you can go about creating a small authentication application using Laravel 4. We'll start from the very beginning by creating our Laravel app using composer, creating the database, loading in the Twitter Bootstrap, creating a main layout, registering users, logging in and out, and protecting routes using filters.

They walk you through every step of the way - providing the PHP and HTML (and a bit of CSS) needed to make the system:

  • Creating a new project and installing dependencies
  • Connecting to the database and making the "Users" table
  • Making the registration page (with controller and view)
  • Handling the form submission from the page
  • Making a basic login page
  • Adding the "log out" functionality as well

You can also just hop over to Github and grab the full example if you'd like to see how it all fits together.

0 comments voice your opinion now!
authentication laravel framework tutorial registration login

Link: http://net.tutsplus.com/tutorials/php/authentication-with-laravel-4/

Zend:
Apigility Progress report zf-mvc-auth, packagist, and PHP's built-in web server
November 01, 2013 @ 15:52:11

In a new post to the Apigility forums today Matthew Weier O'Phinney has announced the release of an authentication/authorization component for the recently announced project from Zend. Apigility is a Zend Framework-based tool for easily constructing and managing an API.

We've been working hard on Apigility since ZendCon, and have released some more code into the wild. zf-mvc-auth exists to provide both authentication and authorization for your APIs; in fact, it's a bit of a general-purpose library for ZF2 MVC apps! Right now, we support HTTP basic and digest authentication out of the box, and will be working next on OAuth support. Authorization is done by default via ZendPermissionsAcl, as we discovered a problem with using RBAC: RBAC is deny-by-default, which does not work when you want an open-by-default schema. You may opt-in to deny-by-default, as well as mark individual services as requiring permission by default. Finally, you have the option of denying/allowing per HTTP method of a service as well.

You can find out more details about this functionality in this quick screencast. The zf-apgility module depends on this new zf-mvc-auth module, so it will be included and available by default in your APIs. In that same post Matthew also talks about the listing of the Apigility packages on Packagist service and a note for those wanting to use the built-in HTTP server to run the tool (a PHP version dependency).

0 comments voice your opinion now!
apigility progress zendframework mvc authentication authorization packagist http server

Link: https://groups.google.com/a/zend.com/forum/#!topic/apigility-users/_mOPkxxmGYI

7PHP.com:
Win Free Tickets To Nomad PHP EU - "Dispelling the Myths About Auth*"
October 15, 2013 @ 11:08:37

The 7PHP.com site has announced a giveaway of free tickets to this month's Nomad PHP virtual user group meeting, the European chapter. The topic for this month's EU meeting is authorization and authentication (disclaimer: I am the speaker).

Here I am again for another NomadPHP Ticket(s) give-away. Two tickets will be given away - to the 1st & 2nd draw winner! If you did not know, NomadPHP is virtual PHP User Group mainly for people who do not have the chance to avail of a local PHP user group. But it is open to ANYONE around the world. I also remind you that NomadPHP is an initiative brought forward by the icon of The PHP Community, namely 'His Awesomeness' Mr Cal Evans.

To enter the contest to win the tickets, you just make a comment on the post and he'll select the winners before the event. The meeting is Thursday, October 17th at 8pm CEST.

0 comments voice your opinion now!
nomadphp europe authentication authorization myth virtual usergroup

Link: http://7php.com/nomadphp-tickets-17oct2013/

In Coding:
Laravel 4 Authentication A Comprehensive Tutorial
August 26, 2013 @ 16:15:49

On Medium.com Christopher Pitt has written up a tutorial showing off an authentication system in Laravel 4, a recently popular framework that's still a little light on tutorials for more advanced topics...like authentication.

Laravel 4 is a huge step forward for the PHP community. It's beautifully written, full of features and the community is presently exploding. It's with this in mind that I would like to show how to build an authenticated application using Laravel 4.

His example (the code is over on github too) shows you how to:

  • Get Laravel installed and up and running
  • Configure the database and create the needed tables
  • Making a migration for the structure
  • Making the model and "seeder" for some sample data
  • Configuring the authentication pieces

The code to create the controller and views are also included as well as the method you'll need to use for authenticating the given user credentials. There's no signup functionality in this example, but password reset and logout are covered.

0 comments voice your opinion now!
laravel framework authentication tutorial example

Link: https://medium.com/on-coding/e8d93c9ce0e2

Jeremy Kendall:
API Query Authentication With Query Auth
August 15, 2013 @ 09:41:46

Jerermy Kendall has written up a post for his site showing the use of his QueryAuth library for API authentication, complete with plenty of examples. The library makes it simple to sign and verify requests based on a key, secret and parameters given.

Most APIs require some sort of query authentication: a method of signing API requests with an API key and signature. The signature is usually generated using a shared secret. When you're consuming an API, there are (hopefully) easy to follow steps to create signatures. When you're writing your own API, you have to whip up both server-side signature validation and a client-side signature creation strategy. Query Auth endeavors to handle both of those tasks; signature creation and signature validation.

He includes code examples showing how to create a signed request, validate the signature from an incoming request and generate randomized keys and secrets. He's also created a sample implementation as a Vagrant box that sets up a Slim framework based application and uses Guzzle to make requests. He briefly looks at some of the code that makes it work and what the raw HTTP request and response look like for the result.

0 comments voice your opinion now!
queryauth api authentication signature parameter key secret tutorial

Link: http://jeremykendall.net/2013/08/13/api-query-authentication-with-query-auth

SitePoint.com:
How to Add OAuth Authentication to Your Twitter App
June 26, 2013 @ 11:27:53

In this quick post to SitePoint, they show you how to use the Twitter OAuth library to connect your application with the new Twitter OAuth authentication methods.

Thanks Twitter. Not only have you removed open access to public Twitter timelines, you're expecting developers to contend with cryptic authentication documentation! Many of us simply want to display our own tweets on our own website, but it's obvious Twitter prefers us to use their widgets. Despite the convoluted Twitter instructions, implementing OAuth in your lovingly-crafted API 1.0 application is reasonably straight-forward if you use the libraries provided by talented group of (non-Twitter) developers.

They break it down into a few easy steps (largely made easy because the library does most of the heavy lifting for you):

  • Create your Twitter Application
  • Create an Access Token
  • Download the OAuth Library
  • Modify Your Timeline Fetching Code
0 comments voice your opinion now!
twitter oauth tutorial library example api authentication

Link: http://www.sitepoint.com/twitter-1-1-oauth-php


Community Events











Don't see your event here?
Let us know!


introduction release composer language database performance series podcast framework application opinion package hhvm symfony2 unittest component facebook install security hack

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework