Login guide

The Login module provides a standardized method for implementing secure user identification workflows for web apps.

Using the Login module, you're able to start implementing a secure password-based user authentication mechanism to your app.

Instead of implementing a complete user authentication workflow, the Login module provides you a standardized method that you can adopt to create your authentication workflow, where things like the login form, the user database structure or the logout button are still up to you to implement to your liking.

Let's imagine we have in our database the following table called users, where we store all the users of our app, along with their login credentials:

Field name

Specs

id

unsigned int auto_increment primary key

The unique id to identify users.

name

varchar

The name of the user.

email

varchar

The email of the user.

passwordHash

varchar

The hashed password.

Creating the User class

First thing to do is creating a class to represent a user in our app. This class must extend the LoginUser class, which in turn also extends the Item class just as we learned in the Items guide, so it will be also the Item class that will represent an individual user in your app. Our User class will start looking like this:

<?php
namespace CherrycakeApp;
class User extends \Cherrycake\LoginUser {
protected $tableName = "users";
protected $fields = [
"id" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_INTEGER],
"name" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING],
"email" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING],
"passwordHash" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING]
];
}

For our User class to work properly with the Login module, we need to add two properties:

  • userNameFieldName The name of the field that holds the user name we want our users to identify with.

  • encryptedPasswordFieldName The name of the field that holds the encrypted password of the users.

It would end looking like this:

<?php
namespace CherrycakeApp;
class User extends \Cherrycake\LoginUser {
protected $tableName = "users";
protected $userNameFieldName = "email";
protected $encryptedPasswordFieldName = "passwordHash";
protected $fields = [
"id" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_INTEGER],
"name" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING],
"email" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING],
"passwordHash" => ["type" => \Cherrycake\DATABASE_FIELD_TYPE_STRING]
];
}

Now we're ready to authenticate users in our web app, follow along in the next section to learn how to implement a complete login workflow using the Login module.