Skip to content
/ php-api-auth Public
forked from mevdschee/php-api-auth

Single file PHP script that adds authentication to a PHP-CRUD-API project

0 stars 88 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sidbenac/php-api-auth

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

49 Commits
README.md
README.md
 
 
api.php
api.php
 
 
auth.php
auth.php
 
 
login.html
login.html
 
 
login_token.html
login_token.html
 
 
login_token.php
login_token.php
 
 
logout.html
logout.html
 
 

Repository files navigation

PHP-API-AUTH

Single file PHP script that adds authentication to a PHP-CRUD-API project.

Requirements

  • PHP 5.3 or higher

Simple username + password

On API server

  • login.html is loaded
  • sends username + password via POST to "api.php/"
  • api.php (POST on "/" gets hijacked by auth.php) is loaded
  • sends back csrf token + http-only session cookie
  • call API as: api.php?csrf=[csrf token] (session cookie is sent automatically)
  • (when using Angular2 or Vue2 the CSRF token is sent automatically)

With authentication server

On authentication server

  • login_token.html is loaded
  • sends username + password via POST to "login_token.php"
  • login_token.php is loaded
  • sends token via POST to "api.php/"

On API server

  • api.php (POST on "/" gets hijacked by auth.php) is loaded
  • sends back csrf token + http-only session cookie
  • call API as: api.php?csrf=[csrf token] (session cookie is sent automatically)
  • (when using Angular2 or Vue2 the CSRF token is sent automatically)

About

Single file PHP script that adds authentication to a PHP-CRUD-API project

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PHP 95.2%
  • HTML 4.8%