I am currently writing a dissertation on Internet security. I am focused on using authentication libraries in web applications. As part of this, I am writing a library for CodeIgniter to provide a one-way authentication type by implementing support for multiple OAuth providers.
My questions for you community:
- What makes a good authentication library?
- How should it be structured and to what extent should it abstract the authentication process?
- What factors will influence your division on the choice of one library over another?
So far, my thoughts have been on speed, simplicity of code, ease of implementation for an application developer, and most importantly, the actual security of the product.
Any feedback would be highly appreciated. Many thanks.
source share