01.12.15 - 05.10.15
Biag's Library with Authentication
Objective: To work with sessions to provide authentication
pastdue
| All basic book CRUD abilities are present | 5 pts |
| Anyone can view the book list and book details | 5 pts |
| Only a logged in administrator can add, edit, or delete books | 20 pts |
| CRUD capabilities for administrators is provided | 20 pts |
| Only logged in administrators can access the administrator CRUD pages | 15 pts |
| A login page is provided and works correctly | 20 pts |
| The ability to logout is provided | 10 pts |
| The application is easy to use and friendly to all users | 5 pts |
| Total | 100 pts |
Biag likes what you've provided for him to manage his library of books, so much that he wants to go public with it, but he's concerned about security. The problem is that if his library app is available online then anyone on the internet will be able to add, edit, or delete his books.
What he would like for you to do is to provide a way that he can maintain all of the capabilities in the app that he currently has but that the general public will only be able to view the list of his books and their details.
To do this you explain to him that you'll need to implement an authentication system for his site where he'll be able to login to gain access to the abilities to add, edit, and delete books, others who cannot login will only be able to view his books. He's okay with this but insists that he also be able to easily add other people to the list of authorized users so he can allow other trusted people to manage his library on his behalf.