How to implement such a file check?

A

Alexey Tutubalin2017-10-12 22:05:35

PHP

Alexey Tutubalin, 2017-10-12 22:05:35

There was an idea for one site to implement verification during authorization by loading a special file according to the principle of a public and private key, that is, a person chooses authorization by password (for a regular user) or by file (certificate, for example, for admins) + his password after encryption, but what I don’t know how to take the file, I assumed that the file will be stored on the admins’ PC, which they insert into the usual file upload form during authorization, if the file is the one (for this user), then the password request must be implemented somehow in pure php if possible . openssl will not work in my opinion, since in fact nothing will be encrypted, this is just an additional check,

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

V

Viktor Yanyshev, 2017-10-12
@Kennius

You can salt files for your bike

A

Alexander, 2017-10-12
@zkelo

There is a ready solution for such cases. It's called Two-Factor Authentication.

X

xmoonlight, 2017-10-12
@xmoonlight

by file (certificate, for example, for admins) + your password after encryption

SSL+secure URL for admins with login and password: check against REQUEST_URI and/or some parameters. This will be enough so that no one except the admins can log in, because. it turns out a double "key": URL + password and everything inside SSL.