User Authentication question

CavemanUK · Jan 24, 2013, 02:34 PM

Hi guys,

For a few years I've been playing around with a php driven website that manages the customers in our small business. Its very low usage and more of a fun project than anything... recently ive been looking at making it more mobile and more html5/css3 specific etc.

Anyway, I was thinking about the user authentication. Currently there are 3 users that are stored in a mysql database and validated in the obvious way.

I wanted to improve the security and stability of this side of things and was wondering if this is something i can use something like facebook or openid for? basically i want to allow the same 3 users access but nobody else. it seems like facebooks authentication would certainly ensure its the right person logging in.

does this make any kind of sense or is there a better way?

SrWebDeveloper · Jan 26, 2013, 07:14 AM

Quote:

Originally Posted by CavemanUK

Hi guys,

I was wondering if this is something i can use something like facebook or openid for? basically i want to allow the same 3 users access but nobody else. it seems like facebooks authentication would certainly ensure its the right person logging in.

Yep.

Visit this page, download, install and load the class as instructed:

http://dan.cx/blog/2010/09/integrati...website-easily

This method is excellent because you can force Facebook authentication by including this in any PHP page, it's secure and uses the FB API, and the added bonus of optionally getting user's info after login to customize the PHP page.

Looking at the example code, to limit to 3 specific users try something like (untested, to show concept only after class is loaded which is not shown below, edit for your needs):

PHP Code:


			
$facebook = new FacebookLogin('100929283281389', '8*******************************1');
$user = $facebook->doLogin();
echo 'User\'s URL: ', $user->link, '<br />';
echo 'User\'s name: ', $user->name, '<br />';
echo 'Full details:<br /><pre>', print_r($user, true), '</ pre>';

// Set an array with 3 FB user names you permit
$allowedNames=array("joe","john","nancy");

// Authenticate them - remember in_array() is case sensitive
if (in_array($user->name,$allowedNames)) {

// Rest of page displays here - user is authorized so they can view it

} else {

// User is not permitted
echo "Sorry, $user->name, you are not permitted access to this page.";

}

Jan 24, 2013, 02:34 PM	#1
CavemanUK macrumors 6502 Join Date: Jun 2006 Location: Rhyl, North Wales	User Authentication question Hi guys, For a few years I've been playing around with a php driven website that manages the customers in our small business. Its very low usage and more of a fun project than anything... recently ive been looking at making it more mobile and more html5/css3 specific etc. Anyway, I was thinking about the user authentication. Currently there are 3 users that are stored in a mysql database and validated in the obvious way. I wanted to improve the security and stability of this side of things and was wondering if this is something i can use something like facebook or openid for? basically i want to allow the same 3 users access but nobody else. it seems like facebooks authentication would certainly ensure its the right person logging in. does this make any kind of sense or is there a better way? __________________ MacBook Pro 2.33/250 Hybrid/3GB Lion iPhone 4S 32GB \| iPhone 4 16GB \| New iPad 32GB \| iPad 2 16GB
	0

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Switch to Linear Mode Hybrid Mode Switch to Threaded Mode


MacRumors Forums > Special Interests > Visual Media > Web Design and Development