Jump to content


Check out our Community Blogs

Register and join over 40,000 other developers!


Recent Status Updates

View All Updates

Photo
- - - - -

Extending a User Management Module

authentication php security oop

This topic has been archived. This means that you cannot reply to this topic.
1 reply to this topic

#1 rhossis

rhossis

    CC Resident

  • Advanced Member
  • PipPipPipPip
  • 98 posts

Posted 19 July 2013 - 08:41 AM

Hi, I am working with an organization doing some work with Openbiz-Cubi php framework. We are working with enterprise clients and want to beef up the user module a bit. Below are a set of items we have come up with (some have already been implementted in a usercredentials service).  In your opinion, would these features be best implemented in monolithic structure or broken down to several classes? We are leaning on breaking down.

 

Also let me know if I may have left anything out. We have a class for TOTP provided by the MultiOTP classes.

 

The framework doesn not provide these features out of the box

 

The operating environment is primarily on private network.

 

    - add password entropy enforcement service and prevent repeat of passwords over a certain period/frequency

    - ability to set various user related attributes e.g. simultaneous logins allowed for users and usergroups, login devices allowed (mobile,browser,OS), login ip/hosts allowed, log in days of week, log in time allowed

    - ability to set up tenor of user in system e.g. account expire after 5 days

    - ability to for system to lock out users account for violation of any of the user policy set by admin

    - password expiry automatically on frequency set by admin

    - ability to authenticate via ldap

 

Kind regards,

Rhoss


Edited by rhossis, 19 July 2013 - 08:48 AM.


#2 SysCo

SysCo

    CC Lurker

  • Just Joined
  • Pip
  • 1 posts

Posted 29 August 2013 - 07:46 AM

Hello,

 

I'm the main developer of the multiOTP library (http://www.multiOTP.net). The next version 4.0.7 will be released tomorrow.

 

Best regards,

 

Andre