Comprobo – Authentication
OAuth, OpenID or email login – it’s all the same to me…
Comprobo needed a simple way of allowing users to log in to their system using either email authentication or OpenID/OAuth with Facebook, Google, Bitbucket, LinkedIn or Microsoft Live. Users then had to be assigned a time-limited, signed JWT (JSON Web Token) which could be renewed until their login expired – this allowed them to authenticate themselves against other parts of the system without information needing to be passed from one part of the system to another.
This system used the PHP library “PHP League/OAuth2” for the main authentication, and integrated it with a custom-written email authentication system, form validation and JWT creation (all using the Slim3 framework as a backend and documented to the Swagger/OpenAPI standards).
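The renew-until-login-expiry behaviour described above, sketched as an added example (this is not Comprobo's code). It assumes HS256 with a single server-side key, a hypothetical `login_exp` claim carrying the absolute login expiry, and constructed lifetimes and user id.

```php
<?php
declare(strict_types=1);

// Assumptions (not from the page): HS256, these lifetimes, the login_exp claim name.
const TOKEN_TTL = 300;                       // each JWT is valid for 5 minutes
const SECRET = 'constructed-demo-key';       // constructed; load a real key from a secret store

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}

function issue(string $sub, int $now, int $loginExp): string {
    // The token's own expiry never outlives the login itself.
    $claims = ['sub' => $sub, 'iat' => $now,
               'exp' => min($now + TOKEN_TTL, $loginExp), 'login_exp' => $loginExp];
    $head = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url(json_encode($claims));
    return "$head.$body." . b64url(hash_hmac('sha256', "$head.$body", SECRET, true));
}

function verify(string $jwt, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$head, $body, $sig] = $parts;
    // The algorithm is fixed server-side; the header's "alg" is never trusted.
    $expected = b64url(hash_hmac('sha256', "$head.$body", SECRET, true));
    if (!hash_equals($expected, $sig)) return null;          // constant-time compare
    $claims = json_decode((string) base64_decode(strtr($body, '-_', '+/')), true);
    if (!is_array($claims) || !isset($claims['sub'], $claims['exp'], $claims['login_exp'])) {
        return null;
    }
    return ($now < $claims['exp'] && $now < $claims['login_exp']) ? $claims : null;
}

function renew(string $jwt, int $now): ?string {
    $c = verify($jwt, $now);                 // only a still-valid token can be renewed
    return $c === null ? null : issue($c['sub'], $now, $c['login_exp']);
}

// Constructed walk-through with a fixed clock: the login lasts 900 seconds.
$t0 = 1700000000;
$jwt = issue('user-42', $t0, $t0 + 900);
$jwt = renew($jwt, $t0 + 240);               // renewed inside the first token's lifetime
$jwt = renew($jwt, $t0 + 500);               // renewed again
$jwt = renew($jwt, $t0 + 780);               // new expiry is capped at the login expiry
var_dump(verify($jwt, $t0 + 899) !== null);  // still accepted just before login expiry
var_dump(renew($jwt, $t0 + 900));            // login expired: renewal refused
var_dump(verify($jwt . 'x', $t0 + 899));     // altered signature: rejected
```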