How to organize the simplest authentication for one client from his machine?
How can I organize a very simple, primitive but reliable authentication system for a single user? The first thing that comes to mind is to record in the session that the user is authenticated if he entered the correct password.
But I would like to understand how safe this option is. How can it be made safer? Can it check the computer name? And is it right to do it through the session? Can't it be stolen or replaced?
If we take the "golden mean":
1. Opening the login form - through the signature page: site.com/login#userlogonformcode
2. Determine the fingerprint and logoncode, and if everything matches, you can open the login and password entry form.
3. If the login and password are correct, we bind the fingerprint and IP to the authorization token and block parallel sessions.
That's all! The user is logged in.
PS: userlogonformcode, login, pass - we issue sequentially through a link in the mail.
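The three steps in the answer above, as an added sketch that is not part of the original answer: the logon code gates the password check, the issued token is bound to fingerprint and IP, and only one session can exist at a time. The class and method names are hypothetical. It assumes the page script submits the code taken from the URL fragment (browsers do not send the part after `#` to the server) and that "block parallel sessions" means a new login revokes the previous token.

```python
import hashlib, hmac, secrets, time

class SingleUserAuth:
    """Hypothetical helper: one account, one active session, bound token."""

    def __init__(self, logon_code, password, ttl=1800):
        self._key = secrets.token_bytes(32)   # server-side key for the binding MAC
        self._salt = secrets.token_bytes(16)
        self._code = logon_code.encode()
        self._pw = self._hash(password)       # only the PBKDF2 hash is kept
        self._ttl = ttl
        self._session = None                  # (token_hash, binding, expires)

    def _hash(self, password):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self._salt, 200_000)

    def _bind(self, fingerprint, ip):
        # Length prefix keeps ("ab", "c") and ("a", "bc") from colliding.
        msg = f"{len(fingerprint)}:{fingerprint}|{ip}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).digest()

    def login(self, logon_code, password, fingerprint, ip, now=None):
        now = time.time() if now is None else now
        # Evaluate both checks so the response does not show which one failed.
        ok_code = hmac.compare_digest(logon_code.encode(), self._code)
        ok_pw = hmac.compare_digest(self._hash(password), self._pw)
        if not (ok_code and ok_pw):
            return None
        token = secrets.token_urlsafe(32)
        token_hash = hashlib.sha256(token.encode()).digest()
        # Overwriting the single slot revokes any earlier session.
        self._session = (token_hash, self._bind(fingerprint, ip), now + self._ttl)
        return token

    def validate(self, token, fingerprint, ip, now=None):
        now = time.time() if now is None else now
        if self._session is None:
            return False
        token_hash, binding, expires = self._session
        if now >= expires:
            self._session = None              # expired sessions are dropped
            return False
        given = hashlib.sha256(token.encode()).digest()
        return (hmac.compare_digest(given, token_hash)
                and hmac.compare_digest(self._bind(fingerprint, ip), binding))
```

A token copied to another machine fails `validate` because the fingerprint or IP no longer matches the stored binding, which addresses the question's concern about a stolen session identifier as far as those two values are hard to reproduce.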