Series

Web Authentication Demystified — From Concepts to Real-World

This series breaks down modern web authentication, from core concepts like OAuth, OIDC, and tokens to real implementation details. You’ll learn how the pieces fit together and see how a production-ready system is built and secured.

Comparing OAuth2, OpenID Connect (OIDC), and SAML — With Real Examples
A practical comparison of OAuth2, OpenID Connect, and SAML—what problems they solve, how they work, and when to use each.
Dec 16, 20255 min read7
Redis as a Session Store for Scalable Web Architecture
How Redis enables fast, secure, and scalable session management in modern PHP-based web applications.
Dec 16, 20255 min read6
CloudFront Signed Cookies — How They Work and Why We Used Them
How signed cookies extend authentication to the CDN layer and securely protect static assets in a real-world system.
Dec 15, 20256 min read7
Implementing an OIDC Callback in PHP/Yii/HumHub (with Code Examples)
A practical, end-to-end guide to handling OIDC redirects, token exchange, identity mapping, and secure session creation inside a Yii/HumHub app
Dec 15, 20256 min read5
Lessons Learned & Practical Advice for Developers from my implemented Web App
Real-world insights from integrating an external IdP into a legacy PHP ecosystem—and what developers should know before building their own auth system
Dec 11, 20256 min read21
Security Analysis of my implemented Web App Authentication System
A detailed look at the security mechanisms behind the authentication flow—how threats are mitigated, tokens are validated, and sessions are protected
Dec 11, 20256 min read13

Command Palette