Skip to content

/ cse4707-secure-messaging

Permalink
master

cse4707-secure-messaging/public/user.php

Go to file
 
 
Cannot retrieve contributors at this time
65 lines (61 sloc) 2.4 KB
Raw Blame
<?php
defined('APP_DIR') or define('APP_DIR', __DIR__ . '/../app/');
include_once(APP_DIR . 'model/User.php');
include_once(APP_DIR . 'include/http.php');
$data = User::authenticated();
if (!$data) {
Http::redirect('index.php');
}
include 'template/header.html';
include 'template/user_menu_button.php';
?>
<div class="row user-container">
<div class="col s8 offset-s2">
<h1> Welcome, <?php echo $data->username ?>! </h1> <br />
<h5> Here's a bit of interesting information about this site... </h5> <br />
<ul class="collapsible" data-collapsible="accordion">
<li>
<div class="collapsible-header">
<i class="material-icons">lock_outline</i>
User authentication
</div>
<div class="collapsible-body">
<span>
Users are authenticated with this website using <a href="https://jwt.io/">JWT</a>
tokens which are generated server-side. Upon signing in, a user is given a unique
token containing non-sensitive user information which is stored client-side as a
browser cookie.
</span>
</div>
</li>
<li>
<div class="collapsible-header">
<i class="material-icons">vpn_key</i>
Password hashing
</div>
<div class="collapsible-body">
<span>
Passwords are salted and hashed server-side and stored in the
user database. Passwords are hashed using PHP's bcrypt algorithm.
</span>
</div>
</li>
<li>
<div class="collapsible-header">
<i class="material-icons">https</i>
HTTPS support
</div>
<div class="collapsible-body">
<span>
This website uses HTTPS (HTTP over SSL) to communicate between client
and server. All HTTP requests and responses are securely encrypted before
being sent. HTTPS makes use of public-key cryptography.
</span>
</div>
</li>
</ul>
</div>
</div>
<?php
include 'template/footer.html';
?>
You can’t perform that action at this time.