Project alpha: Passbook - User authentication complete

This week has been quite good in terms of development progress. I have been able to fit about 40 minutes to an hour each day in the early mornings before work to contribute to my Passbook project. I am rather enjoying taking the time to do things right and create a good baseline for future projects.

I have now done the user authentication, ie. sign in/out, as well as basic menus for authenticated and visiting users. While I was tempted to learn Cake PHP's authentication component I found it was just that much easier to implement my own. All an authentication system needs is be able to create new accounts, check whether an account name and password has a match in the database, then set a session variable. That session variable then determines whether the user has been authenticated or not.

My philosophy when dealing with frameworks is to try and use and follow framework patterns as much as possible. For me the auth component is nice but just too complex for the needs of most work I deal with. Most web applications will only have a couple of user levels and less than 100 real pages. The real determinant of access is user levels and page groups, which if done properly means all your authentication can be handled with a two or three level check.

I will blog more about my authentication methods and hopefully get some feedback about the effectiveness of my approach.


Post a Comment