SeishinX
commented
12 years ago https://github.com/ChrisXu/User-Login-Page This is the prototype I have created.
Open SeishinX opened 12 years ago
SeishinX
commented
12 years ago https://github.com/ChrisXu/User-Login-Page This is the prototype I have created.
yloginov
commented
12 years ago nice. should we encrypt the password and uname when sending it over for validation?
SeishinX
commented
12 years ago It's a good way to avoid attacks like man-in-middle. But if the password is sent to a authentication server and that server sends pass or fail to the website backend, then I think it's not necessary to encrypt the password. Especially the authentication server use methods like 1-to-1 hashing to check the password.
Understand what restful and resourceful means:
1-create a page with a user for login/logout. 2-create/delete restful and resourceful sessions. 3-use new command. 4-scaffolds generators can be used. 5-create tickets to track what's going on.