Authorization in PHP?

S

Sergey Degtyar2017-12-18 13:37:08

PHP

Sergey Degtyar, 2017-12-18 13:37:08

I study php and I wonder how someone writes authorization give advice. Authorization through sessions.
Storing users in the database.
How do they make sure that the user does not log out when, after closing the browser, the page is opened again?
They also do something with tokens, make a separate plate and write the user and the token there, but why?
Everywhere only casual references.
How to make the most complete and correct authorization in pure PHP?
Please provide a link to the description if possible.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sergej, 2017-12-18
@sayber

If I were you, I would start by understanding the Internet and learning how to search for information in it.
trite: the title of your question and the search on this resource.
And only then to study programming, etc.

A

Anton Mashletov, 2017-12-18
@mashletov

Example.
1) Authorization form. The person entered a username and password.
2) If they are correct, a random key is generated. This key is stored in 2 places: in cookies and in the database.
3) Each time the page is loaded, the backend checks for the presence of this key in the cookie, and if it is, it checks against the one in the database. If the users and keys match, then the user is logged in. If not, then go to 1).

A

Alexey, 2017-12-18
@AlexMaxTM

On any framework, this is already implemented, you just need to configure it. If you want to reinvent the wheel, look at how it's done there, then make fewer mistakes.