Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
2
votes
0answers
19 views
Rewriting authentication controller using promises
I am in the process of refactoring some complex code that uses callbacks to instead use promises. I am trying to figure out if my proposed approaches make sense.
...
3
votes
1answer
40 views
A User class for visitors to register and log in to a site
I'm just looking for some feedback on my User class. The class is designed to handle users being able to register, login, and logout of the site. I'll be using it in conjunction with a forum I'm also ...
2
votes
1answer
25 views
Asynchronous login form handler
I have an app that user submit the log in form , when it sent the data to server app create a connection for its account.
In this connection i have an integer field named as state.
the state value is ...
-2
votes
0answers
12 views
Loginscript that check if two values is correct in the database [closed]
I want my loginscript to check if the user have admin permission and if the user have not tried to login more than 10 times. I cant get it to work. Only one of the if statmens works at at time.
...
2
votes
0answers
30 views
Authorization token from servlet filter stores user name
I'm having some difficulty with servlet and filter lifecycles. The intention here is to use the front controller pattern with a simple login; authentication is accomplished with the filter.
Am I ...
2
votes
0answers
29 views
Online store for pies - Part 2: User authentication
I'm building an angular application using AngularJS and AngularFire. As this is the second part of this "series" it might be a good idea to also check out part 1 to gain an even better overview of the ...
3
votes
1answer
40 views
Immunity of login/signup class to all types of attacks
I am going to use the following class which is very simple to use and get user info in pages:
...
0
votes
0answers
34 views
Secure and optimize Mongoose model component
Please help in deciding if this method for a Mongoose model component for user authentication can be made more secure and optimized, for efficiency and platform independence.
...
5
votes
1answer
266 views
MahApps login dialog in splash screen with Caliburn Micro
We are working on an application with a splash screen. After a few seconds/loading all the data, a login dialog appears inside the splash screen, asking you to enter username and password. Think of a ...
5
votes
1answer
389 views
Swift project using PHP web service
I was hoping for someone to review my current project, which was created in Swift and uses a PHP web service. I'm not worried about UI elements, as this is just a 'test' project, but I'm concerned ...
3
votes
0answers
52 views
Is this minimal Go cookie authentication system safe?
I'm working on a login system in Go (Golang). Previously, I was using Gorilla Sessions for this, but I wanted to see if I could reinvent the wheel and make it simpler.
Also, I don't need to store ...
2
votes
1answer
86 views
PHP login redirect security
I wish to redirect users to the login page if they attempt to visit a page which requires them to be logged in. After logging in, however, I want to redirect the user back to their original ...
8
votes
1answer
108 views
WCF Duplex service authentication
I have been thinking about a way to implement this and I am not sure that what I have done is correct, because it surely sounds kinda dirty to me.
Basically what I have is a WCF duplex service which ...
3
votes
1answer
105 views
Testable authentication handler for web API
I need to unit test my authentication handler. I don't really want do an assert against the text message returned by the handler. How could this be improved ?
...
5
votes
0answers
77 views
Security of login and register system
I need some help with my register and log in functions. I'm not sure if I have understood bcrypt correctly either. I'm doubting the security of it, what do you ...
2
votes
2answers
61 views
Social network message board website security
I have a script that contains functions from login in to posting status to friend request send and receive. Pretty much a social network script. Anyways i think my security is not up to date so if ...
1
vote
1answer
96 views
Authentication with JWT
Please review my code for 'JWT' authentication.
Are there any security issues?
Where should I store the secret's key, DB or InMemory?
What's a good 'JWT' Lifetime?
Should I send the 'JWT' in Header ...
3
votes
3answers
104 views
Registration and Login: Best way to separate responsibilities
Based on lots of read books, sometimes I get quite confused when things get bigger than the simple examples. Martin Fowler's clean code is good but not enough.
I want some feedback on how to improve ...
3
votes
1answer
79 views
Secure authentication using JavaScript module pattern and an AJAXified modal window
This code is not live, but for brevity I'll write as though it is.
When a user clicks any element with the class name js-modalOpen, for example:
...
1
vote
1answer
135 views
AngularJS Login Check
I have states that have a requiredlogin object set as true, then I have Angular listen on ...
0
votes
2answers
82 views
2
votes
1answer
103 views
Is my Node/Express-based authentication implementation with session properly done?
I know that Passport.js exists, however, I wanted to code my own implementation using express-session module.
I'm using:
Express
Mongoose
express-session
So I basically have 2 routes for handling ...
7
votes
2answers
173 views
My Authentication Service
This is the AuthenticationService I made based on Barry Jaspan's design, which is way better than the code of which I asked in a question a couple of months ago.
I ...
3
votes
3answers
239 views
PHP Login Check
I use this block of code to check if the user is logged in (login stored in cookies as a plain text and pass MD5 crypted). As I'm a novice in PHP, I'm not sure that this is a correct way. Are there ...
5
votes
1answer
659 views
Prompt for Windows Credentials via Dialog [closed]
I have some code that requires the user (an admin) elevate to a system admin account to perform a task.
I wish to prompt the user for the admin credentials to use.
I believe returning a ...
6
votes
4answers
128 views
8
votes
3answers
484 views
Comments in PHP authentication system
Leaving aside absolutely everything about the code itself (but if you find stuff that's not ok feel free to comment on them).
What I'm asking here is the following:
Is my code properly commented? ...
3
votes
2answers
2k views
Configure AspNet.Identity to allow for either username OR email address on login
I am wondering if there is a more efficient route to take here. Using AspNet.Identity I would like to allow the user to sign in to the same text box using either ...
1
vote
1answer
125 views
Structuring a user authentication system
I'm new to the MVC model. This is where I started: User authentication system. After questioning, reading and thinking a lot, I was able to write a small framework (don't know if 'framework' is the ...
6
votes
1answer
64 views
User persistence and login flow
I have a Java project that copies files and folders to a user's space on the cloud service using a RESTful API. The login design is getting very complicated, and I wanted advice on how to ...
6
votes
2answers
369 views
User authentication system
I'm new to OO PHP and I'm trying to create a simple properly-designed user authentication system.
What am I doing right and what not?
Is this right according to the MVC model?
...
3
votes
0answers
71 views
Knowing who is the user in every request (in every action and every view) [closed]
First: I have many model classes that are mapped from/to tables using EF. Two of them are User and UserCookie, which are stored ...
5
votes
1answer
371 views
PDO Login/Register system I've been working on
I'm relatively new to PHP and programming as whole. I'm sure my code could be better in a lot of ways, most of which I can't fully grasp at the moment. As it stands I'm trying to avoid the general ...
4
votes
2answers
288 views
Simple login system
I'm pretty new to PHP and programming general so I'm quite sure my code is an absolute mess. My goal is to write good code, that others can understand just by looking at it.
This is a simple login ...
11
votes
6answers
656 views
Efficiency with strcpy, strcat and malloc
I'm still learning C, but I'm trying to make sure I've got a decent grasp on working with "strings" and data structures.
If possible, I'd like a little input on how I'm handling this and see if
it ...
8
votes
1answer
135 views
4
votes
1answer
828 views
Admin section - Secure login and authentication
After a lot of back and forth on various sites, reading articles, watching videos etc i still can not figure out the best way to secure my admin section.
The ...
2
votes
2answers
102 views
User authentication class for basic user service
This is where I got the idea for most of the code.
I think this is pretty decent. I want this reviewed for security. Any criticism is welcome.
...
3
votes
3answers
159 views
Complex if statements in authentication method
I had asked questions about my entire class which I'll flag for closing soon. It appeared to be a little too broad for 1 post so I chopped it up and will be asking a little more specific questions ...
2
votes
1answer
385 views
AJAX request authentication to PHP script
Recently I started looking at my AJAX call security and found some code that uses tokens, request and referer in an attempt to authenticate the call and stop XSS and CSRF.
The AJAX calls are for the ...
3
votes
2answers
981 views
Acceptable way of using jQuery methods in Angular directives
Here is my plunker example of what I am doing.
jQuery is a great way to use slide transitions and seem to work well with angular as long as you are only using the methods on the element object inside ...
5
votes
1answer
838 views
Single Sign On - SAML Response generation
I am trying to implement a IDP initiated Single Sign On Solution (service similar to onelogin's) to Cloud based Service providers such as Google Apps, Salesforce etc.
The project is a Maven eclipse ...
4
votes
6answers
464 views
Login function in PHP
I've been working on a simple login script. The registration part is still to be coded, but I'm done the login part. Are there any security holes in my code? I'm using SHA-512 right now but I think ...
4
votes
2answers
530 views
PHP and MySQLi login script - is it secure / am I doing something wrong?
Below is the code for my login page. I haven't really used MySQL (especially OOP) before, so I'd like to know if I'm doing something inherently wrong. The code is working as expected, but I don't ...
8
votes
4answers
3k views
PHP OOP Login Class
This is a login class I made for my personal website.
What I don't care about, is how secure this login class is, because I know it's not. But it keeps out the rare unwanted guests because I do not ...
3
votes
1answer
115 views
Login system, PDO and me - Part 2
This is a follow up question to: Login system, PDO and me
Is this considered secure for a login script?
...
3
votes
1answer
73 views
User-logging authentication
I'm little frustrated because I don't know how well I can refactor this script. I wrote the authentication function but it's too complicated, maybe too large in one function, and seems like spaghetti ...
3
votes
1answer
97 views
Clean up / refactor this store() method
I'm new to Laravel and trying to figure out how I can reduce/refactor this store() call in my SessionController.
Basically, the ...
11
votes
2answers
247 views
Sessions and Authentication
I've a feeling I'm overdoing my Auth class, and that it could be done in a simpler and more understandable way.
Could you give me advice on this, please?
This is ...
4
votes
2answers
136 views
User Authentication Bundle
I wrote a user authentication program(s) for an MVC application. Before you ask part of the project specs are I have to store user information in company databases on servers that aren't the web ...
