
Comprobo – Authentication

OAuth, OpenID or email login – it’s all the same to me…

Comprobo needed a simple way of allowing users to log in to their system using either email authentication or OpenID/OAuth with Facebook, Google, Bitbucket, LinkedIn or Microsoft Live. Users then had to be assigned a time-limited signed JWT (JSON Web Token) which could be renewed until their login expired – this allowed them to authenticate themselves against other parts of the system without information needing to be passed from one part of the system to another.

This system used the PHP libraries “PHP League/OAuth2” for the main authentication, then integrated that with a custom-written email authentication system, form validation and JWT creation (all using the Slim3 framework as a backend and documented in Swagger/OpenAPI standards).
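The renewable, time-limited token described above can be sketched in plain PHP as follows. This is an added example, not Comprobo's or Bairwell's code: the HS256 algorithm, the `sess_exp` claim, `TOKEN_TTL`, the function names and all sample values are assumptions, since the page does not give them.

```php
<?php
declare(strict_types=1);
// Added example. Assumed: HS256, the "sess_exp" claim, TOKEN_TTL, all sample values.
const TOKEN_TTL = 300; // lifetime of one token in seconds (constructed)

function b64url(string $bin): string {
    return rtrim(strtr(base64_encode($bin), '+/', '-_'), '=');
}
function b64url_decode(string $txt): string {
    $pad = str_repeat('=', (4 - strlen($txt) % 4) % 4);
    $bin = base64_decode(strtr($txt, '-_', '+/') . $pad, true);
    return $bin === false ? '' : $bin;
}
function sign(string $input, string $key): string {
    return b64url(hash_hmac('sha256', $input, $key, true));
}
// Issue a token whose "exp" never outlives the login ($sessExp).
function issue(string $sub, int $sessExp, string $key, int $now): string {
    $head = b64url(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url(json_encode(['sub' => $sub, 'iat' => $now,
        'exp' => min($now + TOKEN_TTL, $sessExp), 'sess_exp' => $sessExp]));
    return "$head.$body." . sign("$head.$body", $key);
}
// Return the claims if the signature is valid and the token is unexpired, else null.
function verify(string $jwt, string $key, int $now): ?array {
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) return null;
    [$head, $body, $sig] = $parts;
    $header = json_decode(b64url_decode($head), true);
    // Pin the algorithm; the token does not get to choose how it is checked.
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') return null;
    if (!hash_equals(sign("$head.$body", $key), $sig)) return null;
    $c = json_decode(b64url_decode($body), true);
    $ok = is_array($c) && is_string($c['sub'] ?? null)
        && is_int($c['exp'] ?? null) && is_int($c['sess_exp'] ?? null);
    return ($ok && $c['exp'] > $now) ? $c : null;
}
// Swap a still-valid token for a fresh one; refuse once the login has expired.
function renew(string $jwt, string $key, int $now): ?string {
    $c = verify($jwt, $key, $now);
    if ($c === null || $c['sess_exp'] <= $now) return null;
    return issue($c['sub'], $c['sess_exp'], $key, $now);
}

$key = random_bytes(32);      // constructed signing key
$t0 = 1700000000;             // constructed login time
$tok = issue('user-42', $t0 + 600, $key, $t0);  // login lasts 10 minutes
$tok = renew($tok, $key, $t0 + 200);            // renewed while still valid
$tok = renew($tok, $key, $t0 + 450);            // exp now capped at login expiry
var_dump(verify($tok, $key, $t0 + 599) !== null, renew($tok, $key, $t0 + 600));
```

With a shared HMAC key every service that can verify a token can also mint one, so where other parts of a system only need to check tokens, an asymmetric signature keeps the signing key on the issuer alone.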

Date

March 2016

Technologies

PHP

Slim3

OAuth

OpenID

Swagger/OpenAPI
