![php[architect] logo](/wp-content/themes/phpa/images/new_logo_mark_nav.png){kind=logo}
You’ve no doubt heard HTTP is stateless, meaning a web server doesn’t know anything from one request to the next for the same client. Beyond news and information sites, however, a web application typically will need to know who you are and what you can do with it to be useful. In this issue, we look at effectively handling authentication and authorization.
In the April 2017 edition of php[architect], I wrote all about multi-factor authentication. We looked at what it took to enable your application to send a one-time-use code through email. Now we will use what we learned from the emailed one-time-use code, expand on it, and replace it to use Google Authenticator. Starting with a basic explanation of what Google Authenticator is and how it works, we will build out a new Laravel application, protect it using the built-in auth providers, and then expand it to require TOTP. by Brian Retterer
Read this Article for FREE (pdf)
Requiring users to log in individually to all the websites they need for their work is more than merely annoying: It wastes a lot of time and turns maintaining log-in credentials and permissions into a nightmare for the administrative staff. Let’s see if we can fix that with a single sign-on service. by Arne Blankerts
Zend Framework has been around for a long, long time. The first official release of Zend Framework was March 3, 2006, but the framework we see today in version 3 (ZF3) is unrecognizable from the 0.1.1 beta release over ten years ago. Today, we’ll review the story of ZF3 from its humble beginnings, take a look at how the Zend Framework looks today, and how we can start using it. by Gary Hockin
Chances are high you will change your job more than once in your career. If you do not already think it’s time to move on and take the next step with another employer, you probably will in the not too distant future. Even if that day isn’t today, you need to have a plan and calculate the numbers to determine when it’s time to jump ship and find the next ship to climb aboard. by Andrew Koebbe
Security is always a hot topic. Whether you offer a service, develop software, use a service such as Yahoo!, or invest in start-ups, security is increasingly on your radar. This month, we’ll look at a particular PHP implementation of Role-Based-Access-Control, called Zend-Permissions-Rbac. by Matthew Setter
This month we’ll cover one of my favorite Laravel features: form requests. We’ll review form requests and how to move the validation logic out of your controllers and into a custom request. We’ll also look at how to easily test your HTML forms, form requests, and form processing logic via functional testing. by Joe Ferguson
I once told a coworker that a [explitive] monkey could do a better job than he could. There will come a time where you are going to have to deal with team members that are not satisfactory. This could be due to a variety of reasons, but dealing with issues constructively is a very valuable skill. by Chris Tankersley
Developers the world over were in shock this past May as thousands of computers in the UK’s National Health System were rendered inoperable due to a malware attack. Thanks to a previously leaked vulnerability in Windows’ operating system, and the notoriously slow rate at which large enterprises apply system patches, hackers were able to infiltrate and infect these systems with specific viruses.
The PHP community has really been quite something for me, and coming from being totally unknown to a point where somehow, the lovely folks at php[architect] felt it was acceptable to trust me with taking over the mantle of writing this Community Corner column every month… it has been an adventure. by James Titcumb
Typically when asked what the best part of a conference is, a regular attendee will respond: “The Hallway Track.” The Hallway Track is the unofficial “track” of discussions taking place in the hallways. Would “I’m going to be chatting with others and not going to all the talks,” fly with your boss as justification for going? by Eli White
Accessing backend system…
We're sorry, but your session has expired due to inactivity. Please use your browser to refresh this page and log in to our system again.
