Authentication is the process of determining whether someone or something is, in fact, who or what it is declared to be.
4
votes
2answers
87 views
“Remember me” functionality for a website
I have read a few SO threads to implement remember_me functionality.
Steps I have followed:
User clicks on login button and if passes client side validation, it goes to php Login page.
First time
...
3
votes
1answer
35 views
Authentication using PDO
I'm new to PDO, so I was wondering if you guys could check over my PDO code for efficiency (and if the PHP can be improved)
...
2
votes
1answer
66 views
Secure login system
The assignment is to create a login system secured for SQL injections and XSS.
It's in PHP and I'm using PDO with prepared statements obviously. Which from my point of view should protect against the ...
5
votes
1answer
67 views
One way encoding a password
I wrote a script that one way encrypts a user's password by generating a key, and multiplies by the ASCII value of the character and the ASCII value of the key character at (the position that the ...
2
votes
3answers
78 views
A very secure procedural MySQLI login script against injections
I know there are other ways to create a login script like Object Oriented, Prepared Statements and PDO, but how about those old MySQL PHP users like me trying to change from old style to the new ways? ...
8
votes
3answers
247 views
A PHP User System
This PHP User System was built with MySQLi and I also used Composer. I'm planning to improve this, and add more stuff and release it as a sort of a module for Composer.
User.php (Controller File in ...
5
votes
1answer
115 views
Avoiding callback chaining in authenticator
I'm developing an iOS Application in Swift that uses Google Cloud Endpoints as its backend. For now, I've just written the code for the user to login with his Gmail account and I've refactored it as ...
2
votes
1answer
82 views
PHP login system security using a database, cookies and sessions
I created a simple login system using just sessions but having to login every time gets annoying. That is why I'm no trying to save the sessions to my database linked to the user's account. I will ...
1
vote
1answer
99 views
Validate IP address and create a registration attempt
I'm a C++/Python developer attempting to learn JavaScript, but I'm struggling to write clean code. I've read that async.waterfall and Promises are two ways to flatten the code a bit, but my ...
0
votes
0answers
39 views
Simple login system in prolog
The code produces a dialog that allows a user to enter information, then verifies the information and allows the user to have access. Is there any way to improve the code?
...
5
votes
3answers
182 views
Login and registration functions
I'm currently learning C# as first programming language and I've made a simple program to exercise the basic concepts. It's nothing fancy especially compared to advanced stuff you normally talk about, ...
2
votes
1answer
36 views
PHP CSRF eliminator
There are three functions involved. The first Init is run before the content is parsed. The second is parseContent where the ...
3
votes
2answers
357 views
Encrypting and decrypting passwords in PHP
I am wanting to encrypt a password and decrypt a password using PHP. Is this a safe method?
...
7
votes
3answers
452 views
A Simple, One-Page PHP Admin Login (with prepared SQL statements)
First off, I want mention that this code works well. This is more of a request for suggestions...
We're attempting to program a one-page, recursive, token-based admin shell that is safe from ...
5
votes
1answer
92 views
Login Authentication
Please check this PHP script. This script is for Login authentication
Some pre-defined constants to indicate the login state
...
1
vote
1answer
302 views
Authentication system - AngularJS & Ionic Framework
I am building a small mobile app using ionic framework and angularJS. It will consume a Restful Web Service that requires authentication (User token). This means I need to keep my users token by ...
2
votes
1answer
243 views
PHP user account login with salt
I'm creating a user account login with PHP and Mysql which will be used by school teachers. To login there are 3 items required : school, username and password. This will allow for 2 of "MRSMITH" in ...
2
votes
0answers
40 views
Rewriting authentication controller using promises
I am in the process of refactoring some complex code that uses callbacks to instead use promises. I am trying to figure out if my proposed approaches make sense.
...
3
votes
1answer
72 views
A User class for visitors to register and log in to a site
I'm just looking for some feedback on my User class. The class is designed to handle users being able to register, login, and logout of the site. I'll be using it in conjunction with a forum I'm also ...
2
votes
1answer
38 views
Asynchronous login form handler
I have an app that user submit the log in form , when it sent the data to server app create a connection for its account.
In this connection i have an integer field named as state.
the state value is ...
2
votes
0answers
120 views
Authorization token from servlet filter stores user name
I'm having some difficulty with servlet and filter lifecycles. The intention here is to use the front controller pattern with a simple login; authentication is accomplished with the filter.
Am I ...
2
votes
0answers
32 views
Online store for pies - Part 2: User authentication
I'm building an angular application using AngularJS and AngularFire. As this is the second part of this "series" it might be a good idea to also check out part 1 to gain an even better overview of the ...
3
votes
1answer
54 views
Immunity of login/signup class to all types of attacks
I am going to use the following class which is very simple to use and get user info in pages:
...
0
votes
0answers
52 views
Secure and optimize Mongoose model component
Please help in deciding if this method for a Mongoose model component for user authentication can be made more secure and optimized, for efficiency and platform independence.
...
5
votes
1answer
708 views
MahApps login dialog in splash screen with Caliburn Micro
We are working on an application with a splash screen. After a few seconds/loading all the data, a login dialog appears inside the splash screen, asking you to enter username and password. Think of a ...
5
votes
1answer
1k views
Swift project using PHP web service
I was hoping for someone to review my current project, which was created in Swift and uses a PHP web service. I'm not worried about UI elements, as this is just a 'test' project, but I'm concerned ...
3
votes
0answers
79 views
Is this minimal Go cookie authentication system safe?
I'm working on a login system in Go (Golang). Previously, I was using Gorilla Sessions for this, but I wanted to see if I could reinvent the wheel and make it simpler.
Also, I don't need to store ...
2
votes
1answer
105 views
PHP login redirect security
I wish to redirect users to the login page if they attempt to visit a page which requires them to be logged in. After logging in, however, I want to redirect the user back to their original ...
8
votes
1answer
153 views
WCF Duplex service authentication
I have been thinking about a way to implement this and I am not sure that what I have done is correct, because it surely sounds kinda dirty to me.
Basically what I have is a WCF duplex service which ...
3
votes
1answer
251 views
Testable authentication handler for web API
I need to unit test my authentication handler. I don't really want do an assert against the text message returned by the handler. How could this be improved ?
...
5
votes
1answer
116 views
Security of login and register system
I need some help with my register and log in functions. I'm not sure if I have understood bcrypt correctly either. I'm doubting the security of it, what do you ...
2
votes
2answers
71 views
Social network message board website security
I have a script that contains functions from login in to posting status to friend request send and receive. Pretty much a social network script. Anyways i think my security is not up to date so if ...
1
vote
1answer
246 views
Authentication with JWT
Please review my code for 'JWT' authentication.
Are there any security issues?
Where should I store the secret's key, DB or InMemory?
What's a good 'JWT' Lifetime?
Should I send the 'JWT' in Header ...
3
votes
3answers
120 views
Registration and Login: Best way to separate responsibilities
Based on lots of read books, sometimes I get quite confused when things get bigger than the simple examples. Martin Fowler's clean code is good but not enough.
I want some feedback on how to improve ...
3
votes
1answer
114 views
Secure authentication using JavaScript module pattern and an AJAXified modal window
This code is not live, but for brevity I'll write as though it is.
When a user clicks any element with the class name js-modalOpen, for example:
...
1
vote
1answer
222 views
AngularJS Login Check
I have states that have a requiredlogin object set as true, then I have Angular listen on ...
0
votes
2answers
84 views
2
votes
1answer
121 views
Is my Node/Express-based authentication implementation with session properly done?
I know that Passport.js exists, however, I wanted to code my own implementation using express-session module.
I'm using:
Express
Mongoose
express-session
So I basically have 2 routes for handling ...
1
vote
1answer
60 views
Best way to implement j_security login
I have a j_security login implemented but it's been giving me a lot of problems and wanted to know if there's anything that sticks out as incorrect or outright ...
7
votes
2answers
185 views
My Authentication Service
This is the AuthenticationService I made based on Barry Jaspan's design, which is way better than the code of which I asked in a question a couple of months ago.
I ...
3
votes
3answers
265 views
PHP Login Check
I use this block of code to check if the user is logged in (login stored in cookies as a plain text and pass MD5 crypted). As I'm a novice in PHP, I'm not sure that this is a correct way. Are there ...
5
votes
1answer
892 views
Prompt for Windows Credentials via Dialog [closed]
I have some code that requires the user (an admin) elevate to a system admin account to perform a task.
I wish to prompt the user for the admin credentials to use.
I believe returning a ...
6
votes
4answers
138 views
8
votes
3answers
506 views
Comments in PHP authentication system
Leaving aside absolutely everything about the code itself (but if you find stuff that's not ok feel free to comment on them).
What I'm asking here is the following:
Is my code properly commented? ...
3
votes
2answers
3k views
Configure AspNet.Identity to allow for either username OR email address on login
I am wondering if there is a more efficient route to take here. Using AspNet.Identity I would like to allow the user to sign in to the same text box using either ...
1
vote
1answer
189 views
Structuring a user authentication system
I'm new to the MVC model. This is where I started: User authentication system. After questioning, reading and thinking a lot, I was able to write a small framework (don't know if 'framework' is the ...
6
votes
1answer
76 views
User persistence and login flow
I have a Java project that copies files and folders to a user's space on the cloud service using a RESTful API. The login design is getting very complicated, and I wanted advice on how to ...
7
votes
2answers
482 views
User authentication system
I'm new to OO PHP and I'm trying to create a simple properly-designed user authentication system.
What am I doing right and what not?
Is this right according to the MVC model?
...
3
votes
0answers
75 views
Knowing who is the user in every request (in every action and every view) [closed]
First: I have many model classes that are mapped from/to tables using EF. Two of them are User and UserCookie, which are stored ...
5
votes
1answer
583 views
PDO Login/Register system I've been working on
I'm relatively new to PHP and programming as whole. I'm sure my code could be better in a lot of ways, most of which I can't fully grasp at the moment. As it stands I'm trying to avoid the general ...
