The Security screen is a tool to help you restrict access to the database in the generated app.
You can choose one of the following options:
There is no authentication. Everyone can access and edit the database.
Set a single login/password combination that grants access to the database.
Choose this method if you store username/password combinations in your database. In this case, you need to select the database table with the user data and choose the fields that store usernames, passwords, and full names. Full name content is displayed in the Logged as ... snippet after successful login.
If you wish to display additional information in the Logged as ... snippet, use the AfterSuccessfulLogin event to add custom code. For example:
$_SESSION["UserName"] = $data["FirstName"].' '.$data["LastName"];
You can create a new table to store user login info by clicking Create new, and add new users to the selected table by clicking Add user.
The Database login page has the Third-party authentication option. See Facebook connect and Sign in with Google to learn more.
Third-party security providers
Note: the following options are only available in the Enterprise edition of PHPRunner: Active Directory, AzureAD, OKTA, SAML, OpenID. See Editions comparison to learn more.
This option works with the user data stored in the Active Directory. For more information, see Active Directory.
Azure Active Directory (Azure AD) is an enterprise identity service from Microsoft that provides single sign-on and multi-factor authentication. For more info, see AzureAD authentication.
Okta is a company that provides Single Sign-On services to many leading companies in the world. For more info see OKTA authentication.
Security Assertion Markup Language (SAML) is an open standard that allows identity providers (IdP) to pass authorization credentials to service providers (SP). For more info see SAML authentication.
OpenID allows you to use an existing account to sign in to multiple websites, without needing to create new passwords. For more info see OpenID authentication.
When you use third-party security providers (Active Directory, AzureAD, OKTA, SAML, OpenID), there are also some common options.
These are mostly the same settings as those that you choose when using Database-based security. External UserId field is the field that stores the ID received from a third-party security provider. For Facebook it may look like fb1234567890123, for AD it may look like adjohn.smith, etc.
Here you can specify token fields and specify their mapping to database fields. Token fields are defined in your security provider settings and available after a successful authentication.
Login page in the generated application
With active authentication, PHPRunner generates an additional PHP page called Login.
Here is what it looks like in the generated app:
Note: users can select the Remember me checkbox to store their session data in the cookies. This way, the user stays authenticated for as long as the cookies are relevant or active.
The additional security options are located on the right:
•You can select Login form appearance options like standalone login page or login page in popup.
•Two-factor authentication is an industry-standard way to protect users' data.
•The Registration and passwords option allows you to create and set up the user registration, password reminder, and change password pages.
Note: if you need to customize the email templates that are sent when a new user is registered, use the Email templates option.
•Use Locking and Audit to set up record locking and user actions logging.
•Use Encryption to encrypt important data in the database.
•Use the Session keys option to enable a single logon for multiple projects.
•If Database or one of the additional security providers is selected, you can set Advanced Security Settings and define Permissions.
Scenarios for configuring security options
•"One or several persons with the same access rights have access to the site".
Use the Hardcoded option.
•"There is a single owner (administrator) with full access. Other users (guests) have read-only access to some pages/reports/charts".
Use the Database option, enable guest login in the Advanced security settings, configure the access for guests in the User group permissions.
•"There are many users with different access levels and administrators with full access".
Use the Database option, configure Advanced security settings if you need to restrict access for each table, configure User group permissions to assign table level permissions, configure Admin group for administrators.
•"All user account data is stored in the Active Directory or in one of the third-party security providers like OKTA".
Use the Active Directory or one of the additional security providers option. You can use more than one security provider in a single project.
Security related articles:
•Building secure low code web applications