English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 1h 28m | 229 MB
Do you need to know how to apply best practices for user authentication in PHP? This course walks you through a series of best practices that you can apply to your own PHP projects to avoid costly security pitfalls. Instructor Kevin Skoglund gives you an overview of user authentication in PHP, then dives into how you can implement it. He steps through creating the database table, adding new users, logging users in and out, and controlling access to pages and functions. Kevin shows you how to work with strong passwords, prevent weak ones, and reset forgotten ones. He shows you how to secure user authentication by preventing insecure direct object references (IDOR), using HTTPS, protecting access tokens, and keeping track of logins. Kevin concludes with a challenge/solution set exploring how to write PHP code that expires a user login after a set amount of time has passed.
Table of Contents
Introduction
1 Restricting user access in PHP applications
2 How to use the exercise files on GitHub
1. User Authentication Overview
3 Identification and access control
4 Hashing and storing passwords
2. Implementing User Authentication in PHP
5 Creating the database table
6 Introducing the sample project
7 Adding new users
8 Logging in users
9 Logging out users
10 Controlling access to pages and functions
11 Challenge Editing users
12 Solution Editing users
3. Working with Strong Passwords
13 Password requirements
14 Preventing weak passwords
15 Resetting forgotten passwords
4. Securing User Authentication
16 Preventing IDOR
17 Using HTTPS
18 Protecting access tokens
19 Keeping track of logins
20 Challenge Expiring logins
21 Solution Expiring logins
Conclusion
22 Next steps
Resolve the captcha to access the links!