Authenticating users

Lacuna • July 20, 2022


The login controller is nice and simple, during authentication it:

If the user does not exist, or the password is incorrect, display a simple error message.


The registration process is very similar:

If the user's email address already exists, display the relevant error on the form.

Home Page

Currently, the home page is simply a place-holder so that I can test the authentication process.


The logout process is very simple: drop all the session information for the current user and redirect back to the index page.

Password Recovery

If the user has forgotten their password, then this gives them the opportunity to create a new password.

Password Reset

Once the user receives a password reset mail, they have a limited time in which to click it, and set a new password.

Wrapping up

I've glossed over much of the authentication process, and there are potentially missing aspects however it will suffice for now.

The system has now reached the state where we can register, login, logout, and handle forgotten passwords all simply, cleanly and efficiently, however I need to be able to test everything correctly and ensure the code reaches the correct standard of quality before proceeding.