I'm sure someone out there has done a login via ajax. What's the securest way to pass a username and password into the server.
Currently, I have the case where a user desires to register for an event. If the user is not logged in, he/she is presented with a login form that has a "Register for this Event" and hidden fields with event info, etc. If the user authenticates properly, there will be no issue and I'd be able to log the user in and register that user for that event. However, if the user mistypes his/her password, I have an issue. So, I'd have to take the user to another login form, retain all the "desired action" information (this could be something other than event registration) and continue this until the user authenticates properly. However, if I can authenticate that user before I have to take them away from that inital form, I can just keep them there until they authenticate properly, then move ahead once they do. Is an ajax submission even the way to go? I'm looking for ideas out there from you wonderful developers.