Implement Two-Factor Authentication Via Email - Build Expense Tracker App With PHP 8
Вставка
- Опубліковано 2 жов 2024
- In this video, we continue the 2FA logic & implement the verification part to verify the entered code.
SOME OF THE WAYS YOU CAN SUPPORT THE CHANNEL
👍 Smash the like button
🤝 Subscribe to the channel & turn the notifications on
💬 Post comments, any feedback is greatly appreciated
⭐ Become a Patreon: / programwithgio
THANK YOU!
🛠️ TOOLS & SERVICES I USE
Digital Ocean Hosting - Get 100$ credit - m.do.co/c/38b9...
Domains on Namecheap - namecheap.pxf....
Envato Elements - 1.envato.marke...
LESSON P.32
Starting Source Code - github.com/gge...
Ending Source Code - github.com/gge...
Course Outline - github.com/gge...
Course Playlist - • Learn PHP The Right Wa...
** Affiliate Disclaimer: Some of the above links may be affiliate links, which may generate me a sales commission at no additional cost to you.
this series is real to is name Learn PHP The Right Way - Full PHP Tutorial For Beginners & Advanced and the teacher is expaining complex functionalities in a way that make easy to learn, keep make videos for php and if you can please make raw php with vanilla js ajax, real world project videos, thank you!!
Thank you 💙💙
Oh great. Another one in succession. Thanks Gio. Must be a lot of hard work.
Thank you. Yes it is indeed a lot of work which is why it takes me awhile to publish new videos.
"Hi Gio,
I trust you're doing well. I've been working on developing a PHP script and I want to ask you something. I'm interested in implementing a server-side activation mechanism to ensure that users need to interact with my website or server before the script can be fully activated and used. Additionally, I want to make it challenging for users to modify or bypass the activation mechanism and ensure that I have remote control over the activation process.
Could you please provide guidance on how I can build such a mechanism? Specifically, I'm looking for advice on:
1. Implementing the activation logic within the PHP script.
2. Enhancing security measures to prevent unauthorized modifications or bypassing of the activation mechanism.
3. Establishing remote control over the activation process to enable/disable script functionality as needed.
Thank you in advance for your help!
It depends on your app structure. You could implement that with some flags on users table which would be much simpler but again it depends on the app
The best series ever. Thanks for this. Can you please also make tutorials for Asynchronous and also if there is some best library in your opinion?
Thank you 🙏. I haven't done a lot of async PHP, but is something I'm interested in. ReactPHP/framework X are good I think
@@ProgramWithGio Thanks for the suggestion. I'll definitely look into this. And again thanks for providing us with the top notch content. I already recommend this to all my fellow devs and highly recommend to those who want to learn PHP but in the right way.
Thank you 💙
Bro i would also request you to create a video on middleware implementation with routing as its not explained anywhere properly..:D
Noted, thank you
If manipulate the user request in proxy tool and how how to show the alert
I dont really understand the question. If user manipulates the URL they will get an error. What type of error is up to you, depends how you do error handling
From a usability point of view, it would be easier to use a link in the mail to avoid copy paste and why invalidate old codes? In case mailis slow, a user may be some mails behind and get confused why the code is invalid.
Not really, for 2FA most of them are codes. For user verification it's a link. Also invalidating old codes is part of security, expiration is also set for that, expiration is 30 mins and email shouldn't be delayed that long, if it is then there is a problem
Most of them are codes indead. Is that for a security reason or because there is no other way. I think the second. In this case a link is possible and that would be much easier for the users. Do you see a security reason?
Yea more suspectible to phishing attacks, coded email also can be phished but having signed URL might be more suspectible & easier to have users tricked to click into it if they are used to signing in using link rather than entering the codes
@@ProgramWithGio Thanks Gio that makes sense.
I want to create it will extend Laravel that will be pre define my function like helper,add some route, controller, migration,model,view,some essential package like data table,etc ... but I don't know too much in composer script .I mean my package is Laravel/Laravel not Laravel/framework.If any way you have please share me ,I really want it
I'm not sure I understand what you are trying to do. laravel/laravel is the userland repo, thats what you use to build laravel apps, laravel/framework is the actual framework code.
@@ProgramWithGio yes I know that and I want to copy Laravel/Laravel with my additional code like before I mentioned then it will be my package.
@@khantsithuphyo5484 so you want to create a package. Search in Google for package development in Laravel and you'll find some tutorials
the best 👌
Thank you