Thursday, August 16, 2018

WhatsApp will now have unlimited data backup on Google Drive

WhatsApp has taken upon itself to formally inform all its users that according to a new agreement with Google, the platform's backups are no longer going to count against Google's own storage quota. Up till now, WhatsApp offered a very limited storage data for backup. This won't be the case after...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Neha Zaidi via Digital Information World

Instagram suffers from a breach in its security system as more and more accounts get hacked

As people, especially celebrities, have resorted to using Instagram more than other social media, the platform has seen a sudden surge in the number of hacked accounts. The domain is currently dealing with this issue, and has been taking several steps to tackle it. Recently, Instagram published a...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Neha Zaidi via Digital Information World

How to Improve or Restore Your Online Reputation

Has your business suffered from negative reviews online? Wondering how to respond to negative posts that reflect badly on your service or products? In this article, you’ll discover how to respond to unhappy customers on social media and address negative online content. Why an Online Reputation and Reviews Matter to Marketers Every day, people use [...]

The post How to Improve or Restore Your Online Reputation appeared first on Social Media Examiner.


by Sameer Somal via Social Media Examiner

How to Do User Authentication With the Symfony Security Component

In this article, you'll learn how to set up user authentication in PHP using the Symfony Security component. As well as authentication, I'll show you how to use its role-based authorization, which you can extend according to your needs.

The Symfony Security Component

The Symfony Security Component allows you to set up security features like authentication, role-based authorization, CSRF tokens and more very easily. In fact, it's further divided into four sub-components which you can choose from according to your needs.

The Security component has the following sub-components:

  • symfony/security-core
  • symfony/security-http
  • symfony/security-csrf
  • symfony/security-acl

In this article, we are going to explore the authentication feature provided by the symfony/security-core component.

As usual, we'll start with the installation and configuration instructions, and then we'll explore a few real-world examples to demonstrate the key concepts.

Installation and Configuration

In this section, we are going to install the Symfony Security component. I assume that you have already installed Composer on your system—we'll need it to install the Security component available at Packagist.

So go ahead and install the Security component using the following command.

We are going to load users from the MySQL database in our example, so we'll also need a database abstraction layer. Let's install one of the most popular database abstraction layers: Doctrine DBAL.

That should have created the composer.json file, which should look like this:

Let's modify the composer.json file to look like the following one.

As we have added a new classmap entry, let's go ahead and update the composer autoloader by running the following command.

Now, you can use the Sfauth namespace to autoload classes under the src directory.

So that's the installation part, but how are you supposed to use it? In fact, it's just a matter of including the autoload.php file created by Composer in your application, as shown in the following snippet.

A Real-World Example

Firstly, let's go through the usual authentication flow provided by the Symfony Security component.

  • The first thing is to retrieve the user credentials and create an unauthenticated token.
  • Next, we'll pass an unauthenticated token to the authentication manager for validation.
  • The authentication manager may contain different authentication providers, and one of them will be used to authenticate the current user request. The logic of how the user is authenticated is defined in the authentication provider.
  • The authentication provider contacts the user provider to retrieve the user. It's the responsibility of the user provider to load users from the respective back-end.
  • The user provider tries to load the user using the credentials provided by the authentication provider. In most cases, the user provider returns the user object that implements the UserInterface interface.
  • If the user is found, the authentication provider returns an unauthenticated token, and you can store this token for the subsequent requests.

In our example, we are going to match the user credentials against the MySQL database, thus we'll need to create the database user provider. We'll also create the database authentication provider that handles the authentication logic. And finally, we'll create the User class, which implements the UserInterface interface.

The User Class

In this section, we'll create the User class which represents the user entity in the authentication process.

Go ahead and create the src/User/User.php file with the following contents.

The important thing is that the User class must implement the Symfony Security UserInterface interface. Apart from that, there's nothing out of the ordinary here.

The Database Provider Class

It's the responsibility of the user provider to load users from the back-end. In this section, we'll create the database user provider, which loads the user from the MySQL database.

Let's create the src/User/DatabaseUserProvider.php file with the following contents.

The user provider must implement the UserProviderInterface interface. We are using the doctrine DBAL to perform the database-related operations. As we have implemented the UserProviderInterface interface, we must implement the loadUserByUsername, refreshUser, and supportsClass methods.

The loadUserByUsername method should load the user by the username, and that's done in the getUser method. If the user is found, we return the corresponding Sfauth\User\User object, which implements the UserInterface interface.

On the other hand, the refreshUser method refreshes the supplied User object by fetching the latest information from the database.

And finally, the supportsClass method checks if the DatabaseUserProvider provider supports the supplied user class.

The Database Authentication Provider Class

Finally, we need to implement the user authentication provider, which defines the authentication logic—how a user is authenticated. In our case, we need to match the user credentials against the MySQL database, and thus we need to define the authentication logic accordingly.

Go ahead and create the src/User/DatabaseAuthenticationProvider.php file with the following contents.

The DatabaseAuthenticationProvider authentication provider extends the UserAuthenticationProvider abstract class. Hence, we need to implement the retrieveUser and checkAuthentication abstract methods.

The job of the retrieveUser method is to load the user from the corresponding user provider. In our case, it will use the DatabaseUserProvider user provider to load the user from the MySQL database.

On the other hand, the checkAuthentication method performs the necessary checks in order to authenticate the current user. Please note that I've used the MD5 method for password encryption. Of course, you should use more secure encryption methods to store user passwords.

How It Works Altogether

So far, we have created all the necessary elements for authentication. In this section, we'll see how to put it all together to set up the authentication functionality.

Go ahead and create the db_auth.php file and populate it with the following contents.

Recall the authentication flow which was discussed in the beginning of this article—the above code reflects that sequence.

The first thing was to retrieve the user credentials and create an unauthenticated token.

Next, we have passed that token to the authentication manager for validation.

When the authenticate method is called, a lot of things are happening behind the scenes.

Firstly, the authentication manager selects an appropriate authentication provider. In our case, it's the DatabaseAuthenticationProvider authentication provider, which will be selected for authentication.

Next, it retrieves the user by the username from the DatabaseUserProvider user provider. Finally, the checkAuthentication method performs the necessary checks to authenticate the current user request.

Should you wish to test the db_auth.php script, you'll need to create the sf_users table in your MySQL database.

Go ahead and run the db_auth.php script to see how it goes. Upon successful completion, you should receive an authenticated token, as shown in the following snippet.

Once the user is authenticated, you can store the authenticated token in the session for the subsequent requests.

And with that, we've completed our simple authentication demo!

Conclusion

Today, we looked at the Symfony Security component, which allows you to integrate security features in your PHP applications. Specifically, we discussed the authentication feature provided by the symfony/security-core sub-component, and I showed you an example of how this functionality can be implemented in your own app.

Feel free to post your thoughts using the feed below!


by Sajal Soni via Envato Tuts+ Code

Facebook introduces two new updates related to publishing videos on the platform

As reported by social and digital media consultant, Matt Navarra, Facebook is adding new features to the platform, related to the videos which get posted online. Quite strangely though, when a person will publish a video on the social medium, Facebook will inquire the user if the clip has been...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Neha Zaidi via Digital Information World

Google tracks users even when they have turned off location

According to an investigative report published by the Associate Press, Google services keep on tracking a user's location even when the person has disabled it. This is a violation of the privacy regulations of the company- something which Google is well aware of. This report was ascertained by...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Neha Zaidi via Digital Information World

Applications which help reduce the harmful blue light that emanates from gadgets

Since the advent of technology and its normalization among the public, life has become increasingly difficult without smart phones, laptops and tablets. It has become an everyday norm of surfing the Internet, or just using one's gadgets randomly, before sleeping. However, it is also well known that...

[ This is a content summary only. Visit our website https://ift.tt/1b4YgHQ for full links, other content, and more! ]

by Neha Zaidi via Digital Information World