A
A
Arvid Godyuk2015-12-12 12:41:12
Yii
Arvid Godyuk, 2015-12-12 12:41:12

How to write an authentication service correctly?

Good afternoon.
The task was to implement an authentication service, in fact the system is an exact copy of the system that is used for authentication by Thematic Media projects, i.e. here, on habré, megamind, etc.
Question one: Yii2 or Laravel? In this case, it is better on where to get it faster. I know Yii (4 years), I haven't used Laravel yet. It is complicated by the fact that one of the new projects is made on Laravel (5.0 or already 5.1) and later the platform will migrate to it. But in Laravel, you will have to assemble everything related to the browser part yourself from community components, which can greatly slow down the work.
Question two: How to arrange the whole structure in general in terms of components and logic?
Those. on the service itself + - it’s clear what to do with authorization: put an extension that can be used in social authentication + add a regular registration form for those who just want to log in by e-mail and password (if someone tells me an extension where this is already combined - I will be grateful) .
But, in fact, what to do with the link between my projects and the authentication service? Make your own OAuth2 provider? Or some other lightweight option?
In general, I will be grateful for any instructions.
Thank you.

Answer the question

In order to leave comments, you need to log in

4 answer(s)
A
Arris, 2015-12-12
@Arris

Why do you need a framework for this ?
Arris grumbles: what kind of people went? They can’t sneeze without a framework ....

R
romy4, 2015-12-12
@romy4

Do not think about faster (performance), think about the convenience and speed of creating a site.

V
v- death, 2015-12-12
@vGrabko99

Heh. Framework for OAuth server. hahaha. To tears. I'll do it in native php in the evening (this is of course with the help of github)
The OAuth server should have sample api
calls oauth.example.com/auth?redirekt=where to redirect the user&login=&pass=
makes a redirect to the redirekt address,
for example, if authorization is successful
redirekt.com?json={"auth" : true, "token" : "json web token"}
failed
redirekt.com?json={"auth" : false, "token" : "Password not correct"}
That's it. Why do you need a framework?))
Usually this server also saves users in the database.

V
VoidVolker, 2015-12-13
@VoidVolker

Like this:
More details here: habrahabr.ru/post/130289

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question