tags:

views:

40

answers:

2

Okay, so I'm not 100% sure what the best way to implement this is. I want to create my own little webapp that requires a login to work. I know how to authenticate, that's not the problem.

Either my index page redirects to a login.php page and allows you to log in then redirects you back to index or the index page detects that you're not logged in and instead of redirecting you, takes it upon itself to print a login form instead of the main content. Not sure if that's clear.

What are the advantages/disadvantages of each.

Thanks in advance!

(I'm thinking of using OpenID but forget about that for now, I'm just curious about what the best way to implement a login system from scratch is, with a separate page or everything in the index)

+1  A: 

Does the index page have to be behind a login-wall? Because, if so, either way you're going to end up hiding it from google, et al.

Generally speaking, though, I think it's much cleaner to have the login page at a separate URL. If for no other reason than viewing your server log / analytics and being able to determine how many people viewd the home page vs. how many viewed the login form.

Bobby Jack
Yeah, ideally you'd have to log in to access your information on this. It's just a personal project that I've decided to take on, a kind of GTD app to keep myself busy so SEO isn't a big issue right now.
alexcoco
+2  A: 

I prefer to have the login form on the front page, it's one less step for your frequent users to take to use your app.

However, it is also beneficial to have a separate, clutter-free login page for when incorrect login credentials are provided. That way, your users can easily identify what went wrong and not have all the distractions commonly associated to webapp front pages. I.E. error messages should be very obvious and don't have to take away from what's going on over on the front page. They can have their own space on a separate login page.

Check out facebook for example: they have a pretty good implementation of what I am describing.

jordanstephens
Second this. You should be able to login from the front page, if your credentials are invalid then you get redirected to the secondary page login page and you print any errors there. That way you are performing far less redirects, which will help cut down the server load a little bit, and also keep things clean and simple for your users.
Jervis
I was about to mention the facebook example but at the same time if you log in incorrectly they do send you to a separate page dedicated to login. Since the index page would be only a login page if you're not logged in, I wouldn't be showing anything else on the index page, they would look identical, except index would also serve another purpose. Maybe for the sake of simplicity and readability, the login should be separate but I do like the idea of having just one simple page to do it all; after all, it won't be a large system, just a small personal GTD project.
alexcoco