tdhieu / php-api-auth Public

forked from mevdschee/php-api-auth

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Single file PHP script that adds authentication to a PHP-CRUD-API project

0 stars 88 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 32 Commits
README.md		README.md
api.php		api.php
auth.php		auth.php
login.html		login.html
login_token.html		login_token.html
login_token.php		login_token.php
logout.html		logout.html

Repository files navigation

PHP-API-AUTH

Single file PHP script that adds authentication to a PHP-CRUD-API project.

Requirements

PHP 5.3 or higher

Simple username + password

On API server

login.html is loaded
sends username + password via POST to "api.php/"
api.php (POST on "/" gets hijacked by auth.php) is loaded
sends back csrf token + http-only session cookie
call API as: api.php?csrf=[csrf token] (session cookie is sent automatically)

With authentication server

On authentication server

login_token.html is loaded
sends username + password via POST to "login_token.php"
login_token.php is loaded
sends token via POST to "api.php/"

On API server

api.php (POST on "/" gets hijacked by auth.php) is loaded
sends back csrf token + http-only session cookie
call API as: api.php?csrf=[csrf token] (session cookie is sent automatically)

About

Single file PHP script that adds authentication to a PHP-CRUD-API project

Report repository

Releases

No releases published

Packages

No packages published

Languages

PHP 94.0%
HTML 6.0%