public/user.php

<?php
defined('APP_DIR') or define('APP_DIR', __DIR__ . '/../app/');
include_once(APP_DIR . 'model/User.php');
include_once(APP_DIR . 'include/http.php');

$data = User::authenticated();
if (!$data) {
    Http::redirect('index.php');
}

include 'template/header.html';
include 'template/user_menu_button.php';
?>

<div class="row user-container">
    <div class="col s8 offset-s2">
        <h1> Welcome, <?php echo $data->username ?>! </h1> <br />
        <h5> Here's a bit of interesting information about this site... </h5> <br />
        <ul class="collapsible" data-collapsible="accordion">
            <li>
                <div class="collapsible-header">
                    <i class="material-icons">lock_outline</i>
                    User authentication
                </div>
                <div class="collapsible-body">
                    <span>
                        Users are authenticated with this website using <a href="https://jwt.io/">JWT</a>
                        tokens which are generated server-side. Upon signing in, a user is given a unique
                        token containing non-sensitive user information which is stored client-side as a
                        browser cookie.
                    </span>
                </div>
            </li>
            <li>
                <div class="collapsible-header">
                    <i class="material-icons">vpn_key</i>
                    Password hashing
                </div>
                <div class="collapsible-body">
                    <span>
                        Passwords are salted and hashed server-side and stored in the
                        user database. Passwords are hashed using PHP's bcrypt algorithm.
                    </span>
                </div>
            </li>
            <li>
                <div class="collapsible-header">
                    <i class="material-icons">https</i>
                    HTTPS support
                </div>
                <div class="collapsible-body">
                    <span>
                        This website uses HTTPS (HTTP over SSL) to communicate between client
                        and server. All HTTP requests and responses are securely encrypted before
                        being sent. HTTPS makes use of public-key cryptography.
                    </span>
                </div>
            </li>
        </ul>
    </div>
</div>

<?php
include 'template/footer.html';
?>