We need to prepare controllers (internal API) to all actions regarding logging, creating accounts and resetting passwords - after preparing database for gm's and implementing email sender
TODO
Handling login form
[ ] ajax from front to backend
[x] handling and sanitazing user input
[x] db operations, checking existence of user etc.
[x] creating session, if credentials are good
[x] response to the front
Handling registration form
[ ] ajax from front to backend
[x] handling and sanitizing user input
[x] db operations, checking existence of user etc.
[x] if everything is good, send activation email
[x] response to the front
Handling "forget password" form
[ ] ajax from front to backend
[x] handling and sanitazing user input
[x] db operations, checking existence of user etc.
[x] sending email to the user with link to resetting password
[x] response to the front
Handling actual changing password form
[x] get hash from URL
[x] check if hash is correct
[x] display proper page to the user (error page if something is not correct or form if everything is good)
[ ] ajax to backend
[x] handling and sanitazing user input
[x] db operations including changing the hash
[x] response to the front
We need to also implement session storage on server and browser
Description
We need to prepare controllers (internal API) to all actions regarding logging, creating accounts and resetting passwords - after preparing database for gm's and implementing email sender
TODO
Handling login form
ajax
from front to backendHandling registration form
ajax
from front to backendHandling "forget password" form
ajax
from front to backendHandling actual changing password form
ajax
to backendWe need to also implement session storage on server and browser
I found a nice tutorial for that, we will have to sit and analize it first tho: https://www.phptutorial.net/php-tutorial/php-remember-me/