AREST

AREST, short for RESTful Authentication, is a secure login script for PHP 4/5. The script adheres to the HTTP specification and the principles of REST. Cookies are not used, and session IDs are never injected into your URLs.

With the support of JavaScript and XMLHttpRequest, web browsers can authenticate users with HTTP Authentication through an HTML form. Because this process usually relies on Basic authentication, Digest parameters are sent through a Basic Authorization header to provide a secure login mechanism.

Web browsers that do not support XMLHttpRequest or don’t resend credentials will bypass the HTML form and use Digest access directly.

For security, user logins are set to expire after a set amount of time. Cross-domain authentication is also supported, and users can logout.

AREST is licensed under the LGPL.

Please contact me if you find bugs or have any suggestions for AREST!

Copyright © 2010 TravisCE.com. All Rights Reserved.