6 Replies Latest reply on Jan 7, 2010 9:42 AM by archenil

    Login with Flex and PHP

    archenil

      Hi,

       

      I'm writing a login page that will act as front end of our main Flex app and hope someone can fill in the blanks here...

       

      The Flex login page consists username, password input fields and a submit button. When a user enters his credentials and hit sumbit, HTTPService will send user's login info to the PHP script. This script will process authentication against MySQL database. If verified, two random user-created questions will be included in the resulting XML object. These two security questions will be displayed in the login page.

       

      I have already implemented these logics but was wondering....

       

      1. Assuming HTTPS and SSL will be in place in production, is it okay/safe to include the security answers in the XML and let Flex validate user's answers?
      2. After successful validation, how to redirect to the main page?
      3. I understand the idea of session ID, token and/or cookies, but do I need to implement this?
      4. How to do logout?

       

      Thanks very much in advance for your time and suggestion.