DEV Community

Discussion on: Chat Application using PHP

reegodev profile image
Matteo Rigon

Please do not create your own auth implementation, you will regret it eventually ( there's a big yellow box in uniqid manual that says you should never use it to salt passwords).
Use one of the many well-known, tested and audited auth libraries.
If you really wanna learn how to implement a custom authentication I suggest you to browse the source code of said libraries and see how they handle it.

Thread Thread
joelbonetr profile image

There's nothing bad on implementing own auth if you're a senior dev and you know all about what it implies. Specially when working on a big company and being in need to create a self implemented auth to avoid extra costs of Auth APIs (Oauth, Oauth2, SSO ...), you just need to pass a security audit and the tests after building it and before linking your services to it on production