The aim of this lab is to require you to understand user authentication and authorisation and session variables.
Create a table
with a username or email as primary key, a password, and first and last
Modify code from the list-detail example to show a list of user names and details of single users (instead of item summaries and details).
Implement scripts for registering or adding a new user, allowing a registered user to login, and allowing a logged-in user to logout. Only one user can be logged in (from a given browser) at the same time.
Store the username (or email) entered in the login form in a session variable, so that if the username/password is incorrect, you can redirect back to the login form with the username already entered in the form.
Remember which user, if any, is currently logged in in a session variable. Display the real name of the user, if any, who is currently logged in in each page header.
Modify the list-detail application so that all users can view the list of user names but only logged-in users can view the details of users.
Allow a user to update or delete a profile (a) if the user is currently logged in and (b) if it is the user's own profile. (Users can not update or delete other users' profiles.)
This modification can be done either
I think the first approach is preferable and simpler. With this approach, you have to compare the key of the currently logged-in user with the key of the user whose profile you are trying to update or delete in the user details template.
Complete Task 1.
The task is required for Assignment 2.