Authentication of users
With nearly every sufficiently sized web application, we will ultimately need our application to support the storage and authentication of users in order to ensure that the users working with our application are who they claim to be. With web applications, we typically handle authentication through a public identity (such as an e-mail address) and a secret that the user knows (such as a password). Depending upon the sensitivity of our data and our threat model, we can also extend our authentication process to include a two-factor authentication code issued either through an SMS text message or a two-factor authentication application, such as Authy or Google Authenticator. In this section, we'll cover how to implement basic authentication with Yii2 and explore how we can enhance the security of our users through the authentication process.
In Yii2, authentication is managed through the user component and is defined in our config/web.php application configuration file...
