User logins
Mywaterfasts.com
So I'm working on user logins. This one is a lot more complicated than just keeping records inserted using forms.
The idea is to keep track of user interaction with all the glucose/Ketone tests and all the disease conditions that happen with the progression of human aging.
The autophagy program needs to filter and combine all the different aspects of the progression of water fasts and the levels of disease removal.
For that to happen properly, a user's password needs a good level of protection and so does the security of the user in the database.
There are 3 things to handle when creating and maintaining a user profile. The first is properly creating a new user. The second is logging the user with proper authentication. The third is resetting the password if the user forgets their password.
1. Creating the new user.
Whether the new user uses a made up name or his/her own, an email must be entered. So it makes senses that the user ID would be their email. Then, when user creation is attempted, the system demands that the new user enter a code that was created randomly and sent to that email. If their email exists and they receive the code, then when they type the new code in, they are entered into the system and now have access to the application.
The new password is now entered into the database using the Sha512 encryption system. I cannot see the password unless I save the password unencrypted. That would be rather foolish of me so there is no way I would save it unencrypted.
2. Logging in
When the user logs in, the password is reencrypted, if it matches the database, then they are logged in. That way, even if the database is stolen, the user's password is protected. I dont even know what it is.
3. The user forgets their password. There, I do the same as a new user and send a code to their email and if the code sent matches what they type in, I'll give them the opportunity to reenter a new password.
Comments
Post a Comment