Authentication and Registration

Vanguard - Advanced PHP Login and User Management Vanguard - Advanced PHP Login and User Management / Last updated on October 29, 2018

Logging In

After accessing any Vanguard-protected URL, a user will automatically be redirected to the Login Page. Users are able to log in by typing their username (or email) and password, or by using some of Social Authentication options (if enabled). The login form is displayed below:

BN0t65FLffA2LnWK1SAN2RdObVuRDud7atH1dP3J.png

Two-Factor Token

If Two-Factor Authentication is enabled for a specific user, after entering correct username/email and password combination, he will be redirected to Two-Factor Token page displayed below, to enter Authy 2FA token. This means that user has to download the secure Authy app on his mobile phone and use the token value available upon application installation.

viaC8uUNd815qSgNK0a1MPHuoo9kz0IPHCPAhkEi.png

After entering the 2FA token, Vanguard will contact Authy servers to check the token value, and, only if the token is correct, a user will be logged in.

Registration

Since registration can be completely disabled inside application settings, the registration form is only accessible if registration is enabled.

Users are able to access the registration form and create a new account by clicking the Sign Up link on the login page and fill up the registration form.

Y4LcSrf8PWejFrADVr7Fan9Kb5PLu1muuranXFo2.png

If it is enabled inside application settings, a user also has to confirm that they are humans by passing Google reCAPTCHA test.

After successful registration, depending on application settings, a user has to confirm their email address if they want to log in for the first time. If email confirmation is disabled by the system administrator, users will be able to log in right after successful registration.

Password Reset

In case that some user forgot his password, he will be able to reset it from Forgot Password form available, after clicking I forgot my password link on a login page.

iqTFYw8pkUmhnVe29KNsNMsP4ORf1EsWKpliMlyQ.png

wASmFuFWzOD23tfhnm4GyfyNah3gr95Fd61WCUGY.png

Note! Password reset page is accessible only if that option is enabled by the system administrator.

After filling in the email used for that account, a user will receive a password reset email with a password reset link. That link will be available for a predefined period of time, which is, again, defined by system administrators inside application settings.

When a user clicks on received password reset link, password reset form will be displayed and it will allow them to enter their new password.

NbludkxxP28CUUuqzRXC4BWEt7xosnshlDeH8kx7.png