AREST, short for RESTful Authentication, is a secure login script for PHP 4/5. The script adheres to the HTTP specification and the principles of REST. Cookies are not required, and session IDs are never injected into your URLs.
Web browsers that do not support XMLHttpRequest or don’t resend credentials will bypass the HTML form and use Digest access directly.
For security, user logins are set to expire after a set amount of time. Cross-domain authentication is also supported, and users can logout.
AREST is licensed under the LGPL.
I have not been actively developing AREST since January 2011. Digest authentication with all the goals mentioned above is surprisingly difficult to implement. Especially making it cross-browser compatible. I have been considering a redesign for simplicity and more specific goals.
If you consider using AREST, please be sure to thoroughly test with the browsers you want to support.
Please contact me if you find bugs or have any suggestions for AREST!
Copyright © 2016 TravisCE.com. All Rights Reserved.