News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

NetTuts.com:
Using Laravel 5's Authentication Facade
May 19, 2015 @ 11:26:34

The NetTuts.com site has a new tutorial posted today sharing more information about the authentication facade in Laravel 5 and how to use it to implement simple, custom authentication handling.

Authentication is a part of almost all the web applications you work with. It's really boring to keep repeating all the boilerplate code in every project. Well, the good news is Laravel 5 rids you of this boredom by providing a ready-to-use authentication facade. All you need to do is configure and customize the authentication service provider to your project's needs. In this quick tip, I am going to show you exactly how to do that.

It's a seven step process to get things up and running (it sounds like a lot but all the code is provided):

  • Setting Up the Environment
  • Setting Up the Migrations
  • Configuring the Registrar Service
  • Updating the User Model
  • Updating the View
  • Securing Your Routes
  • Modifying the Default Authentication Routes

Each step includes the code needed and a brief summary of what's happening and how it effects the overall authentication setup. He also ends the post with a brief mention of the "password reset" email functionality and where the content for that email is located.

0 comments voice your opinion now!
laravel5 authentication facade custom tutorial database

Link: http://code.tutsplus.com/tutorials/using-laravel-5s-authentication-facade--cms-23461

SitePoint PHP Blog:
Symfony2 Registration and Login
May 11, 2015 @ 09:55:57

The SitePoint PHP blog continues their series looking at authentication and authorization in a Symfony2 application with part two of their series. This time author Taylor Ren focuses on the registration and login systems for your users.

In part 1, we discussed the basics of setting up a security system in our app (database and security.yml settings). We also covered the pre-registration stage where a user verifies their invitation status with the app. In this article, we will talk about registration, logins and post-login actions.

He starts with the registration side of things, showing how to create a simple form asking for a username, password (and confirming it), a homepage URL and email address. He shows how to link it to a User instance and render the form out to a Twig template. Once the request is submitted the user is created, including encoding (bcrypt) of the password. Next up is the login form that's linked to the "AuthenticationSuccessHandler" for post-success handling. The tutorial finishes off with a piece of code showing how to redirect the user back to their requested URL once authenticated.

0 comments voice your opinion now!
symfony2 series part2 authentication register login tutorial

Link: http://www.sitepoint.com/symfony2-registration-login/

SitePoint PHP Blog:
Symfony2 Pre-registration and Invite System
May 07, 2015 @ 08:25:48

The SitePoint PHP blog has kicked off a new series of posts today with part one of a set of tutorials showing you how to create a registration and invitation system with Symfony2. While they've talked about general Symfony2 development before, this series will focus more on the security side, on authentication and authorization.

In this article series of two parts, we are going to talk about a very important area of web application development: Authentication and Authorization. Symfony2 has a very detailed elaboration of these two topics in its official documentation. Anyone who is seriously looking into this is encouraged to read through that official document after absorbing the essentials from this tutorial.

The author starts with a brief list of common user management tasks including registration via a form, sending confirmation emails and verifying the user's login. He helps you create the underlying "user" table (complete with the SQL) and talks a bit about the contents of a few of the columns. He includes the settings you'll need to put into your "security.yml" configuration file and a bit of detail on what each section and its settings mean. He then moves on to the "User" entity and class file, adding some functionality to the standard generated class. He also includes the code needed to create the invite and registration actions.

0 comments voice your opinion now!
registration invite system symfony2 tutorial user management authentication authorization

Link: http://www.sitepoint.com/symfony2-pre-registration-invite-system/

SitePoint PHP Blog:
User Authentication in Symfony2 with UserApp.io
March 19, 2015 @ 09:18:18

On the SitePoint PHP blog Daniel Sipose has written up a tutorial showing you how to use the UserApp.io service to authenticate users for your Symfony2 applications.

UserApp.io is a handy user management tool and API. It provides a web interface to deal with user accounts (and the many features this involves) and an API to hook them into your own web application. The purpose of this service is to make it easier and safer to manage user authentication by not having to worry about that on your own server. It has SDKs and various wrappers for many programming languages and frameworks and the price is affordable. Yes, it comes with a price but you can get started freely with quite a lot of things to play around with.

He makes use of this library (his own creation) and the UserApp.io SDK to hook into Symfony2's own Security component authentication handling. He starts by explaining some of the classes he'll be creating including the form authenticator, a user provider, the logout handler and an custom exception. The full code is included for each as well as the changes you'll need to make to the YAML configuration to hook it all together.

0 comments voice your opinion now!
user authentication symfony2 userappio service tutorial

Link: http://www.sitepoint.com/user-authentication-symfony2-userapp-io/

Resonant Core:
Remember Me Safely - Secure Long-Term Authentication Strategies
February 02, 2015 @ 11:18:42

On the Resonant Core blog there's a new post from Scott Arciszewski looking at some strategies for secure long-term authentication (usually in the form of "Remember Me" functionality).

Let's say you have a web application with a user authentication system, wherein users must provide a username (or email address) and password to access certain resources. Let's also say that it's properly designed (it uses password_hash() and password_verify() and rate-limiting; it doesn't have any SQli or XSS flaws). Everything is going well for a while, but eventually your users would like the convenience of a "Remember me on this computer" button. What do you do?

He proposes a few different solutions including:

  • the storage of credentials from the database in a cookie (a bad idea),
  • generating a unique token when the uses requests the "remember me" to store in a cookie
  • using two pieces of information, a random token and an "authenticator" for validation

He points out why the first two solutions aren't the best approaches and then gets into the details of how to handle the last recommendation. He includes both the SQL and the PHP code to make the token creation and verification work, performing an auto-login when the two values provided match up.

0 comments voice your opinion now!
rememberme security authentication longterm strategy

Link: https://resonantcore.net/blog/2015/02/remember-me-safely-secure-long-term-authentication-strategies

SitePoint PHP Blog:
Re-introducing FuelPHP
November 10, 2014 @ 10:51:23

On the SitePoint PHP blog today they've posted a new tutorial that reintroduces you to FuelPHP, the framework that was (sort of) the successor to the CodeIgniter framework. It was started by some of the ex-CI developers in an effort to make a more robust, yet simple PHP framework for PHP 5.3+.

As a PHP developer, I have been a consistent user of different PHP frameworks, mostly focusing on CakePHP. Recently, I felt the need to go framework shopping and I have many valid reasons for choosing FuelPHP. It has a built-in modular structure and complete flexibility with emphasis on community. Before Fuel, I was a CakePHP user and just like Cake, Fuel is a huge community driven framework.

The author walks you through the installation process (via the framework's own "oil" command line tool) and dives into some example code quickly after that. He shows how to create a simple "Hello World" route and generate the scaffolding (code generation for the MVC pieces) including migrations. He creates a simple "users" table and adds some authentication checking to the controller. Then in the view he sets up a simple login form, requesting username and password and outputting any errors that might pop up during the authentication process.

0 comments voice your opinion now!
fuelphp framework introduction mvc authentication example

Link: http://www.sitepoint.com/re-introducing-fuelphp/

NetTuts.com:
Setting Up User Authentication in Laravel Using Confide
August 08, 2014 @ 11:05:24

NetTuts.com has posted a new tutorial recently showing how you can use Confide to set up authentication in a Laravel-based PHP application. Confide is a package specifically for Laravel that provides a lot of the usual needs for a user authentication system.

User authentication is part of almost every web application. Although it is common, a deeper look shows that it's not as simple as it may seem. Remember that validation, password recovery, and email confirmation are vital to any decent authentication form. Confide is an authentication solution for Laravel made to reduce the repetitive work involving the management of users. [...] In this tutorial, we'll start from the very beginning by creating our Laravel app using Composer and then: create a signup form with a full set of validation rules, a login form with a "forgot my password" option that will send a link for the user to redefine his password and use Laravel filters to only allow logged users can access a specific route.

The tutorial walks you through creating a simple Laravel application (obviously you can always use one you've already created) and getting Confide installed via Composer. Once you've added the provided lines to the Laravel configuration, you'll be ready to follow along with their examples. They run the migrations to set up the database and show how to view the user pages (and update their look to something a bit more friendly). The remainder of the post shows how to add in the pre-execute validation, via Laravel's filters, to ensure a user is logged in on certain routes.

0 comments voice your opinion now!
tutorial authentication laravel confide library

Link: http://code.tutsplus.com/tutorials/setting-up-user-authentication-in-laravel-using-confide--cms-21866

SitePoint PHP Blog:
Social Network Authentication Twitter and Facebook
July 21, 2014 @ 11:32:12

The SitePoint PHP blog continues their series of tutorials showing how to authentication your users against various social networks. In the previous post they covered connecting to Google+ and in this latest post they move on to two other popular social networks: Facebook and Twitter.

In the previous parts of this series, we created our initial interfaces, set up our Google+ login functionality and talked about how we can merge our accounts together. In this article, we will integrate Twitter and Facebook within our application. You will see a lot of similarities with the Google+ article, so if you could follow that one easily, you won't have much trouble with this one. If you haven't read that article yet, I suggest you read it first before continuing this article.

He starts off with the Twitter authentication, creating a new "SocialLogin" object type for it and defining the three required properties it needs to connect. Code is included to make the OAuth connection, pass along the callback URL and forward on the user to the Twitter site for approval. Code is also included to store the data about the Twitter user in your application. Next up is Facebook. The connection is very similar to the others with only a slight difference in the data that's required. You can find the full code for the tutorial so far in this Github repository.

0 comments voice your opinion now!
social network authentication tutorial series twitter facebook

Link: http://www.sitepoint.com/social-network-authentication-twitter-facebook/

SitePoint PHP Blog:
Social Network Authentication Merging Accounts
July 16, 2014 @ 12:19:07

The SitePoint PHP blog continues their series looking at authenticating your application against other social networking services with this new post discussing the merging of accounts. This merging allows you to determine if the same user is using more than one account to log into your system.

If you allow users to sign up through different social networks and perhaps your own registration system, there is a good chance some users will have multiple accounts. How annoying can it be for a user who signed up through Facebook earlier, to come back later and log in through Twitter because he thought he used that one? We can prevent this by letting the user merge manually or try to use an automatic system to try and identify duplicated users.

He tracks the information about the users in two different database tables, one for the user themselves and another representing that user's provider (the social network). He gives an overview of two methods you could use for merging these accounts: either doing it manually by suggesting it to the user or trying to do it automatically based on the data you already have.

0 comments voice your opinion now!
social network authentication tutorial series merge accounts

Link: http://www.sitepoint.com/social-network-authentication-merging-accounts/

SitePoint PHP Blog:
Social Network Authentication - Setup & Google+
July 15, 2014 @ 11:12:06

The SitePoint PHP blog has posted the first two parts of a "Social Network Authentication" series looking at connecting your application with social network systems. In these first two posts they help you get things set up to connect to the remote systems and create an actual connection to Google+.

Almost every website which contains a log in option, also contains ways to log in through different social networks. In this series of articles, we will take a look at how we can make sure that our visitor can log in through Google+ and eventually other networks like Twitter and Facebook. In the final article, we will have a close look at how we can make sure users don't have different accounts due to the fact that they used different social networks. We will create a framework agnostic package which can easily handle users from different social networks. In this part, we will have a look at our basic setup.

The first tutorial helps you get things all set up and takes the first steps in making the "SocialLogin" package. In the second tutorial they use this package structure to create a Google+ specific instance, making the OAuth connection as simple as calling a method, loading a URL and handling the response.

0 comments voice your opinion now!
social network authentication tutorial series googleplus

Link: http://www.sitepoint.com/series/using-social-networks-as-a-login-system/


Community Events

Don't see your event here?
Let us know!


podcast release api library series php7 opinion example framework symfony2 introduction conference performance application community configure install language interview laravel

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework