Using Ajax for login/ authentication

Not for 'how-to' coding questions but PHP theory instead, this forum is here for those of us who wish to learn about design aspects of programming with PHP.

Moderator: General Moderators

Post Reply
User avatar
kendall
Forum Regular
Posts: 852
Joined: Tue Jul 30, 2002 10:21 am
Location: Trinidad, West Indies
Contact:

Using Ajax for login/ authentication

Post by kendall »

I have been combing through the web looking at using AJax as a means to initiate user authenication. Now i came across some pretty nifty examples but I also have ideas and also concerns in which i was hoping to get advice on....

Firstly....

I was looking at an example where the programmer used ajax along with a md5 and a "secret" to encrypt and transmit a login through a regular protocol....

I was looking at his method of "seeding" an i was wondering...

1) how effective it would be to use a "session" to be use as a method of storing seed information and to also use it to verify a user and transaction.

2) most of the tutorials simply explain the ajax login...but how effective is it when using an ajax driven application and carrying authentication information between pages?


Any links to example and tutorial information on this topic would be greatly appreciated.

Thanks

Kendall
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Using Ajax for login/ authentication

Post by califdon »

There are undoubtedly some of the other Forum members who can give you better info than this, but since I see that nobody has answered you yet, let me give you my take on it. You're really talking about several separate topics, so try to keep them separate in your thinking.
1) I don't see the connection between using a session and storing seed data for an encryption alogorithm, but maybe I just don't know enough about it.
2) Ajax is nothing more or less than a means to communicate between the browser and the server without reloading the entire page, so it really has nothing to do with carrying data from one page to another.
User avatar
kendall
Forum Regular
Posts: 852
Joined: Tue Jul 30, 2002 10:21 am
Location: Trinidad, West Indies
Contact:

Re: Using Ajax for login/ authentication

Post by kendall »

2) Ajax is nothing more or less than a means to communicate between the browser and the server without reloading the entire page, so it really has nothing to do with carrying data from one page to another.
Weelll maybe i was a bit misleading there....but there is going to be a page to page transition but the data to be displayed (using a bit of ajax) is dependent on the user be authenticated....

thanks for the comments....i will keep up with the research
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: Using Ajax for login/ authentication

Post by alex.barylski »

My only concern with AJAXied applications...

Authentication is sort of a required - requirement. So unlike adding sugar to candy via a WYSIWYG...if the user doesn't have JS enabled for some reaosn (maybe they left it disbaled during testing with FF - which I am guilty of doing numerous times and then trying to work on Facebook)...

The point is...making authenitcation dependent on JS is something you want to think of carefully (your user base mostly) before you lock yourself in.

Just my two cents. ;)
User avatar
kendall
Forum Regular
Posts: 852
Joined: Tue Jul 30, 2002 10:21 am
Location: Trinidad, West Indies
Contact:

Re: Using Ajax for login/ authentication

Post by kendall »

thanks....your 2 cents is very well valued... :D ...you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place :offtopic:
malcolmboston
DevNet Resident
Posts: 1826
Joined: Tue Nov 18, 2003 1:09 pm
Location: Middlesbrough, UK

Re: Using Ajax for login/ authentication

Post by malcolmboston »

kendall wrote:thanks....your 2 cents is very well valued... :D ...you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place :offtopic:
Web Developer toolbar for firefox is your 2nd best friend!

https://addons.mozilla.org/en-US/firefox/addon/60
alex.barylski
DevNet Evangelist
Posts: 6267
Joined: Tue Dec 21, 2004 5:00 pm
Location: Winnipeg

Re: Using Ajax for login/ authentication

Post by alex.barylski »

kendall wrote:thanks....your 2 cents is very well valued... :D ...you know i have always wondered about how to enable and disable JS in FF and IE...How the hell do you do that in the first place? why would you want to i the first place :offtopic:

I don't general disable JS in IE - although I believe it's done inside the:

Code: Select all

Internet Options -> Security -> Custom Level -> Active Scripting (disabled)
Something like that, it's been a while...I now just use the dev tool bar in FF to test how the page reacts without JS and I use IE with JavaScript to get the best of both worlds
User avatar
califdon
Jack of Zircons
Posts: 4484
Joined: Thu Nov 09, 2006 8:30 pm
Location: California, USA

Re: Using Ajax for login/ authentication

Post by califdon »

malcolmboston wrote: Web Developer toolbar for firefox is your 2nd best friend!

https://addons.mozilla.org/en-US/firefox/addon/60
Wow! Thanks for the reference. It looks like it will be very useful to me. It's sure comprehensive!
Post Reply