Building a CHAP Login System: An Object-Oriented Approach
Welcome to the last part of the series “Building a CHAP login system.” In three parts, this tutorial provides the basics for building secure login forms, by utilizing the Challenge Handshake Authentication Protocol (known popularly as CHAP). The programming foundation of the system resides primarily on the implementation of the cryptographic MD5 hashing algorithm in JavaScript for sending out encrypted data to the server, which in turn authenticates the client.
Building a CHAP Login System: An Object-Oriented Approach (Page 1 of 4 )
Introduction
Referring back to the previous article, strong attention was put on developing some PHP functions, which together comprised the core engine for generating random strings, as well as registering session variables. The JavaScript code was able to use this random value and build up the proper MD5 hashes to be transmitted to the server.
Asides from explaining a procedural approach for generating server-side random seeds, I introduced some modifications to the original JavaScript program with the purpose of providing an updated method for performing data validation, even when this topic is out of the article’s scope.
In this final part of the series, I shall do two things. First, I will provide a quick overview of the CHAP login system I developed. Second, I’ll focus on the makings of a PHP class for encapsulating all the required processing for generating random seeds and managing session variables. The starting point for building the wrapping class will be the procedural script that you saw in the previous part of the series.
With the objectives of the articles clearly defined, let’s get started.
JavaScript 
Building a CHAP Login System: Coding Server-Side Random Seeds
