Hng Team Ruby Task (Back-end)
Our Team was given the task to build a login page as well as a sign up page. This post is about our Back-end development. Back end Development refers to the server side of development where you are primarily focused on the functionality of the site. Our task is to make the login and sign up pages of our website functioning and able to authenticate users. As you might already know now, the frontend was built with HTML, CSS, JS and bootstrap framework and the back-end was written in vanilla PH,P no frameworks, and MySQLi(for database). First, we created the users table in MySQLi database where we will store data of users who sign-up to our website then we connected to MySQLi database server via a PHP configuration script. Next we wrote a PHP script that works along with the sign-up page. This script takes the data/credentials entered by the user, verify that they meet required standard for instance, all passwords must be alphanumeric and more than 6 characters while username must be unique. If the data the user enters does not meet the required standard an error message will be sent to them. If their data meets the standard, their account is then created and their data is inserted and stored in the database. we also used the PHP password\_hash() function to create password hash from the password string entered by the user. This function creates a password hash using a strong one-way hashing algorithm. It also generates and applies a random salt automatically when hashing the password; this means that even if two users have the same passwords, their password hashes will be different. After completing the registration system, we wrote the login script that authenticates user login. When a user attempts to login to the site, the database selects all records if a record is found and the password match, they're successfully logged in or if they're not, they see an "invalid login details" error message which should prompt them to register an account first. Behind the scenes, each session handles storage and validation of some sort and when the user is done and logs out, that session is destroyed.