*Specification for login page*
We need a system for managing authentication to a web application. A user must login in order to use the website.
You will need to create the following:
* [url removed, login to view]: the page containing the login form
* [url removed, login to view]: a page that the user has to log in through [url removed, login to view] to get access to
The login form has the following fields:
* username (HTML text input field)
* password (HTML password input field)
* submit button
When the user clicks the submit button, he is either successfully authenticated (username and password matches), or he will be directed to the login form again for another attempt.
The user information is contained in a table in a MySQL database, with the following fields:
* Real name
* Email address
The Username and Password fields are used for authentication.
All pages will need a user to be authenticated first before the user can access them, except for the login page itself of course.
To help prevent unauthorized users from gaining access to the website, a login session should not last past the browser session. In other words, when the user closes and reopens the browser, he'll have to log in again before accessing any restricted pages.
When the user clicks the submit button and is successfully authenticated, he gets redirected to index.html. The redirection target has to be customizable so that the user can be redirected to the original page he tried to access
The default redirection target upon successful authentication must be configurable.
To help prevent unauthorized users from gaining access to the website, we also need logout functionality.