The NetTuts.com site has posted a tutorial for those looking to simplify the authentication of users in their PHP applications. In this new article they show how to use the Auth0 service to offload some of the burden of user management and authentication flow.

In this article, we're going to explore the Auth0 service, which provides authentication and authorization as a service. Auth0 allows you to set up basic authentication and authorization features for your apps in the blink of an eye.

The article starts with a brief overview of what the Auth0 service offers and what particular ones will be involved in the tutorial. To help make it simpler to get up and running, they've created a base application. They show how to get this application installed and configured to use the secrets values from your Auth0 account. It then walks through the various scripts included in the sample application including a login, logout and code to perform the actual authentication flow process (including validating the access token).

On his Medium.com blog Zeeshan Ahmad has posted a tutorial showing you how to set up JWT authentication in a Lumen application. Lumen is a micro-framework based on the larger Laravel framework's components.

Recently I have been tinkering with Vue.js to get a taste of it and I decided to create a quick project to get my hands dirty. I decided to create a blog with authentication etc. My main focus was on the frontend so I decided to quickly bootstrap an application in Lumen because of its simplicity and almost zero-configuration development. For the authentication, I decided to go with JWT and this post is going to be a quick write-up on how I integrated that and how anyone can integrate JWT authentication in their APIs.

He then walks you through the process of creating the application, creating the required configuration files/settings and the creation of the model and migration for the users table in the database. After populating the table with some fake seed data, he uses Composer to pull in the firebase/php-jwt library. From there he includes the code for the User controller and the JWT middleware that will handle the decoding of the token and locating the matching user. In his example it doesn't show the authentication process for the creation of the token, just the validation once it's set.

On the Pineco.de site there's a new post that answers some of the frequently asked questions they've heard about APIs in Laravel-based applications.

Developing APIs are getting more and more popular, but still, it’s a bit blurry field for many developers. We collected some common questions and tried to answer them in one place.

Their list of questions includes:

• "What does RESTful mean?"
• "How does API authentication work?"
• "Why Laravel has a “web” and an “api ” middleware group?"
• "How can I test my APIs?"

For each there's a brief summary of the issue and links to other sources (documentation and packages) to help answer or fix the issue.

On his site today Gonzalo Ayuso has a tutorial posted showing how to create authentication in OpenUI5 applications with the help of Lumen, Amazon Cognito and JWTs.

Today I want to create an UI5/OpenUI5 boilerplate that plays with Lumen backends. Simple, isn’t it? We only need to create a Lumen API server and connect our OpenUI5 application with this API server. But today I also want to create a Login also. The typical user/password input form. I don’t want to build it from scratch (a user database, oauth provider or something like that). Since this days I’m involved with Amazon AWS projects I want to try Amazon Cognito.

He then walks through the Cognito service and what it has to offer including user management and authentication handling. He starts with the OpenUI5 side, creating the basic application and login handling via the Congnito Javascript SDK. He then modifies this with some basic user handling and creates the view for the login form. He also includes functionality for password resets and the code required to inject the JWT into every request post-authentication.

In the TutsPlus.com site there's a tutorial posted showing you how to create a custom guard in Laravel by building on top of the current system to integrate it with a MongoDB database.

In this article, we’re going to cover the authentication system in the Laravel framework. The main aim of this article is to create a custom authentication guard by extending the core authentication system.

Laravel provides a very solid authentication system in the core that makes the implementation of basic authentication a breeze. [...] Moreover, the system itself is designed in such a way that you could extend it and plug in your custom authentication adapters as well. That’s what we'll discuss in detail throughout this article.

The article then starts out with a brief description of the two parts of the system: "guards" and "providers". It then provides the list of files that will be involved and where they belong in the overall structure. From there it's on to the configuration changes and code required to make the link to the MongoDB database and the creation of the User model and authentication provider. Next comes the code to create the guard and what's required to tie it all together and make the full system work. The tutorial wraps up with an example of testing this new guard via a simple controller call.

On the Pineco.de site there's a tutorial posted showing you how to implement the Laravel auth system on the frontend re-using the same logic in a single-page Vue.js application as you would on the backend.

If you are using Laravel, probably you are familiar with its ACL. You can easily restrict user’s access by creating policies and binding them to the specific models. It works perfectly on the back-end, but what can we do if our app is something like an SPA?

The post starts with a brief overview of the Laravel ACL handling as it relates to users and policies about what they can do or access. The frontend setup then makes use of a "cheap copy" of the Laravel "gate" handling via a Javascript-based request. They walk you through the preparation work you'll need and the creation of a gate class to define the current policies for CRUD methods. The main "Gate" class is then defined, setting up the before, allow and deny action methods. Finally these pieces are integrated into the Vue.js application with an example of either showing or hiding the "Edit" link based on the user permissions.

On the Auth0 blog there's a tutorial posted that shows you how to build an application with the Nette framework and easily integrate authentication via their own JSON web token functionality.

Nette is a free, open-source PHP framework designed for building web applications. Nette is a set of decoupled and reusable PHP packages that will make your work easier. And Nette is also known as the quick and comfortable web development framework in PHP because it has the tools that allow you to bang out PHP applications rather quickly.

[...] In this tutorial, I'll show you how easy it is to build a web application with Nette and add authentication to it. Check out the repo to get the code.

The tutorial starts by talking about some of the built-in tools the framework includes and some basic use of each. It then gets into building the application, creating the controller, view and template to output a list of characters from Game of Thrones. From there it moves into the authentication piece, showing the integration of the Auth0 plugin and how to hook it into an application on their platform. There's a bit of configuration to set it up as an authenticator but then the framework and the plugin take care of the rest.

On his Medium site Dragos Holban has a new tutorial posted as a part of his "Learn Symfony 2.8" series. This time he shows how to use Symfony OAuth authentication for a mobile application.

Let’s say you built an API using Symfony and you need to access it from a mobile application using authenticated requests on behalf of your users.

Here’s how to make this work using Symfony 2.8 and Doctrine.

He starts by helping you install the FOSOAuthServerBundle and how to enable it in your Symfony application's configuration. He then includes the code for the OAuth classes: the client and entities for the access token and access token handler. He shows how to configure the bundle and add in routing and configure security protection for the parts of your application. Next he shows the creation of a client and how to document your API using the NelmioApiDocBundle.

In a recent post to his site ** shows you how to create a system that uses a handy package to create JWT authentication handling for a Lumen-based application. Lumen is the microframework sibling to the Laravel framework.

Recently I have been tinkering with Angular-4 to get a taste of it and I decided to create a quick project to get my hands dirty. I decided to create a blog with authentication etc. My main focus was on the frontend so I decided to quickly bootstrap an application in Lumen because of its simplicity and almost zero-configuration development. For the authentication, I decided to go with JWT and this post is going to be a quick write-up on how I integrated that and how anyone can integrate JWT authentication in their APIs.

He then walks you through the setup of a new Lumen project and populates the database with some sample (faked) user information from a seeder. Next he helps you get the firebase/php-jwt library installed via Composer and creates the matching controller and middleware to wire it into the application. In his example the user is authenticated via the standard username/password form and, when successful, generates a JWT token that's then passed along with other requests for validation by the middleware.

On the 9Lessons.info site they've posted a tutorial walking you through the creation of an application using Iconic 3, Angular 4 and a PHP restful API and how to handle user authentication and signup. It's a continuation from this previous post that kicked off the series.

Today’s post explains how to implement login authentication system for your AngularJS applications. It will show you how to log in with a user and store the user session, so it deals with token based authentication. Since we are using token based authentication, it protects if any unauthorized request is made and notices for a new login if required. This makes your application’s authentication to be more secured compared with any other authentication system. Every user details will be stored in an external database and a PHP based API is used in the backend for handling this authentication. Hope you’ll find it more easily using this as your authentication system in your AngularJS projects.

They assume you've worked through the previous post and already have the basic structure of the application set up. They share a screencast showing the process but also include the key details - database tables, code and markup - in the post for those that prefer to follow along that way.