Simple php authentification without database and temp files it's based with 1 password, no username.
if you whant to secure you webpage with password and you cant or no want use server storage / temp server storage
you just need php 7
im using TOTP for validate cookies
- after download
src/lib/directory on your website, includelib/auth.phpon your php webpage
<?php
include 'lib/auth.php'
?>
- generate password with php cli, open shell on any computer with cli php and generate new hashed password :
php -a
echo password_hash("<password>", PASSWORD_BCRYPT);
-
Generate base64 256 byte key :
- generate 256 byte hex on https://www.random.org/bytes/
- convert hex to base 64 on https://conv.darkbyte.ru/
-
Edit
lib/auth.phpfor set the new password, base64 key and session time :
$basekey = "<base64 key>"; //base 64 256 byte
$password = '<hashed password>'; //password_hash("pass", PASSWORD_BCRYPT)
$time = <session time in seconde>; //session time
- one password
- session time not always correct
- all user have same cookie if he connect on the same session period
