GitHub - tkhrl/php_secure_auth: Secure user login/authentication template for PHP web applications

tkhrl / php_secure_auth Public

Notifications You must be signed in to change notification settings
Fork 2
Star 0

Secure user login/authentication template for PHP web applications

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
.gitignore		.gitignore
LICENSE		LICENSE
README		README
authenticate.php		authenticate.php
config.php		config.php
db_connect.php		db_connect.php
header.php		header.php
lib_auth.php		lib_auth.php
login.php		login.php
logout.php		logout.php
setup_database.sql		setup_database.sql
validate_session.php		validate_session.php

Repository files navigation

                       PHP Secure Authentication Package

Author: Jody Bruchon <[email protected]>

This project began because every example I found on the Internet for how to
do PHP authentication gave a lot of bad advice and was sorely out-of-date.
The goal is to create a simple PHP/MySQL user authentication system that
is actually secure while also being simple and easy to understand. The use
of PHP's built-in password hash generation tools and CSRF tokens greatly
improves the security beyond the tired old "MD5 hash it and stick it in the
database" tutorials all over the place. (MD5 is bad, kids, and CSRF is an
underappreciated way to ruin your day.)

I can't guarantee this is actually secure. You need to review the code and
check for yourself. Don't blindly trust my code.

Please report bugs to me and I'll fix them as fast as I can. I hope this
code is helpful to you! If so, feel free to let me know. ;-)