Development Discussion Board

Just something I was briefly thinking about regarding API authentication, I thought I might as well write it down here.

What I would do is employ a TOTP approach for the tokens, that way the actual token for each request is unique and only ever used once and the tokens will be near impossible to be ...

I will apologize in advance, because I don't have the time to read this entire topic.

When it comes to authenticating API's it is less about how the authentication is done, as long as it is token based. If the token is compromised (even if it expires and is refreshed periodically) it is pretty ...

I got a simple proposal, probably not something everyone would need but at the same time I think it is too insignificant to "mod" my phpBB installation for it.

I will admit I have not been following the hooks discussion for 3.1 very closely and perhaps this is easily doable with the hooks, in which ...

if(!defined('IN_PHPBB')) {
die("<strong>Illegal Access!</strong>");
}

$phpEx = substr(strrchr(__FILE__, '.'), 1);
$phpbb_root_path = "path/to/phpbb/";

include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);

// Start session management ...