The Finals: Community Arena (Non Academic Project)

websiteimage

Creators: Matthew Caldwell, Aaron Luciano, Tyler Meyer

The Finals is a new video game that my friends and I enjoy playing. Being newly released, there wasn't much community support behind the game, so we set out to create a website that would serve as a hub for people looking to find others to play with in pick-up games. While Aaron worked on front-end and Tyler worked on the lobby system, I worked on back-end (login system, user database, and user data integrity). Below are graphics I created. While I am not publicly sharing code of this project on here, if you are a curious employer feel free to reach out to me for source code!


Some security features I implemented

- Password hashing using Bcrypt via PHP's password_hash & password_verify functions
- SQL injection prevention using $stmt (prepared statements)
- Secure cookies & HttpOnly cookies to prevent XSS and man-in-the-middle attacks
- Session regeneration with session_regenerate_id() to prevent fixation attacks
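
As an added example (not the project's code, which is not published here), the four measures in the list can sit together in one PHP login path. The `users` schema, the function names and the in-memory SQLite database are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
// Added illustration: schema, names and the in-memory SQLite database are assumptions.

// Secure: cookie is sent only over HTTPS. HttpOnly: page scripts cannot read it.
session_set_cookie_params(['secure' => true, 'httponly' => true, 'samesite' => 'Lax']);
session_start();

$pdo = new PDO('sqlite::memory:', null, null, [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, pw_hash TEXT)');

function register(PDO $pdo, string $email, string $password): void
{
    // bcrypt generates a per-password salt and stores it inside the hash string.
    $hash = password_hash($password, PASSWORD_BCRYPT);
    $stmt = $pdo->prepare('INSERT INTO users (email, pw_hash) VALUES (:email, :hash)');
    $stmt->execute([':email' => $email, ':hash' => $hash]);
}

function login(PDO $pdo, string $email, string $password): bool
{
    // Bound parameter: the email is passed as data, never concatenated into the SQL text.
    $stmt = $pdo->prepare('SELECT id, pw_hash FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // Unknown users are checked against a dummy hash so both paths do bcrypt work.
    static $dummy = null;
    $dummy ??= password_hash('placeholder', PASSWORD_BCRYPT);
    $ok = password_verify($password, $row ? $row['pw_hash'] : $dummy);
    if (!$row || !$ok) {
        return false;
    }

    // Issue a fresh session ID at the privilege change and delete the old session data,
    // so an ID planted before login is useless afterwards.
    session_regenerate_id(true);
    $_SESSION['user_id'] = (int) $row['id'];
    return true;
}

register($pdo, 'player@example.com', 'correct horse battery staple'); // constructed sample data
$results = [
    'correct password' => login($pdo, 'player@example.com', 'correct horse battery staple'),
    'wrong password'   => login($pdo, 'player@example.com', 'guess'),
    'quote in email'   => login($pdo, "' OR '1'='1", 'guess'), // treated as a literal string
];
var_dump($results); // only the first entry is true
```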

flowchart

Database Workflow

When designing the login system, I wanted to give the user the option either to create an account with an email and password or to use Steam's API to log in with their Steam account. I created the graphic above to visualize the flow of logging in and the relationship between the different PHP pages and the user database. All of the PHP/HTML pages featured in this graphic were designed and written by me.

loginprocess

Login Process Concept

Above is a graphic I created to help me visualize how the login process would work. I was initially worried about users finding edge cases that break the website, so I wanted to ensure that I had accounted for all possible scenarios when someone was browsing our site.