In this video, Keith Casey walks through various authentication schemes and discuss some tradeoffs for different implementations.
- [Instructor] In this chapter,…we're going to tackle our first…real design choice, authentication.…At first glance, authentication seems easy.…After all, you've probably built it a hundred times.…You ask for a user name and password,…check those credentials against a user table…in your database, and grant access if there's a match.…It's really not a challenge, is it?…And that's where we start running into problems.…Do we really want to embed our user name and password…into the app using our API?…What happens if that app is compromised?…Is my sensitive information at risk?…Or alternatively, what happens when we…forget that password and have to reset it?…Does our app stop working?…Let's take a step back.…
The authentication space is big and complex.…There are options that require back and forth…between client applications and the server,…there are options that are one time use,…and therefore, the consequences of the app…being compromised are relatively small.…But throughout all of this, remember one key aspect.…
This course begins with a simple application specification and builds it one step at a time. Each chapter includes a key concept, with examples from other public APIs, and then shows how to build it yourself with Silex. Learn about URL routing, validating input, and generating response codes and hypermedia payloads. Like any project, the first implementation may be a little messy, but don't worry. The last chapter covers refactoring and what it takes to scale and support the API going forward.
- Understanding the project goals
- Adding authentication with Silex
- Using cross-framework and authentication middleware
- Creating a read-write API in Silex
- Uploading files via an API
- Adding file security
- Creating payloads and response codes in Silex
- Scaling your API
Skill Level Beginner
PHP Date and Time Essential Trainingwith David Powers4h 31m Intermediate
PHP: Managing Persistent Sessionswith David Powers2h 41m Intermediate
1. Project Explanation and Goals
2. Authentication Options and Tradeoffs
Cross framework middleware1m 32s
3. Create a Read-Write API
4. File Uploads via API
5. Scale Your API
Next steps1m 46s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.