As soon as you add features to your application that are meant for privileged or registered users, you need some kind of authentication system. This is how users log in to their account on your application, prove that they are who they say they are, and are given privileges that anonymous or unregistered users don’t get. In this chapter, we put together a relatively simple, yet secure, authentication system for our sample guestbook.
There are two primary goals for any user authentication scheme:
• To ensure that users actually are who they say they are (or are actual humans rather than automated scripts)
• To ensure that users have the ability to access the resources ...