Securing PHP Applications:
A Deep Dive – Part Three – Authentication And Authorization

By Christopher Miller

So far, we’ve examined some of the attacks available to a hacker, as well as some of the thoughts around code—but now, let’s consider Authentication and Authorization: the first layer of defense on any active site. One overriding thought should *ALWAYS* be “don’t roll your own authentication”—in other words, people have spent a long, long time building this out. The examples here are purely informational: they are steps to consider and should be treated as pseudo-code.

This article was originally published in the July 2024 issue of php[architect] magazine. To read the complete article please subscribe or purchase the complete issue.
