2 posts tagged with "authentication"

We already covered the server-rendered To-Do list — HTML forms, sessions, the works. This time we'll build its API counterpart: a stateless JSON REST API where clients authenticate with a JWT and every task belongs to the user who created it.

By the end you'll have register/login endpoints that hand out a token, and a full set of CRUD routes that only ever touch the current user's tasks.

Asking users to invent yet another password is friction you don't need. In this post we'll add "Login with GitHub" to an existing BowPHP application using the official bowphp/soauth package — and then persist the authenticated user so the rest of the app can use it.

The exact same flow works for Google, Facebook, GitLab, Instagram, and LinkedIn: only the credentials change.