Fall 2014

Lab07
Biag's Library with Authentication

Due: Wednesday December 11, 2013 11:59 PM

Lab07 - Biag's Library with Authentication

Requirements

All basic book CRUD abilities are present5 pts
Anyone can view the book list and book details5 pts
Only a logged in administrator can add, edit, or delete books20 pts
CRUD capabilities for administrators is provided20 pts
Only logged in administrators can access the administrator CRUD pages15 pts
A login page is provided and works correctly20 pts
The ability to logout is provided10 pts
The application is easy to use and friendly to all users5 pts
Total100 pts

Resources

Objective

To work with sessions to provide authentication

Instructions

Biag likes what you've provided for him to manage his library of books, so much that he wants to go public with it, but he's concerned about security. The problem is that if his library app is available online then anyone on the internet will be able to add, edit, or delete his books.

What he would like for you to do is to provide a way that he can maintain all of the capabilities in the app that he currently has but that the general public will only be able to view the list of his books and their details.

To do this you explain to him that you'll need to implement an authentication system for his site where he'll be able to login to gain access to the abilities to add, edit, and delete books, others who cannot login will only be able to view his books. He's okay with this but insists that he also be able to easily add other people to the list of authorized users so he can allow other trusted people to manage his library on his behalf.