common auth API for CI

Goals

This page is a kind of RFC for building a common API for authentication libraries. Since there is no such core lib, at least we could decide a common interface.

here is the forum thread

Feel free to add/edit/delete, but if you do so, please fill in the small notes field below the edit area.

structure

Quoting benlm, we could start with this structure:

Level 1 would be a library which would have functions like login, logout, register etc. that handle the DB manipulation, sessions, etc. but no views.

Level 2 would have the basic form validation and processing code with defined form parameters and a dead-simple sample view for each (No flash messages, no containers/templates etc.)

Level 3 would have the kitchen sink (views,flash messages, emails sent on password change, etc. with a million configurable parameters)

components

permissions

user group or level

permissions levels

acl

...

'inside code checking'

...

user interface

registration

config for manual or automatic activation

custom user profiles

...

remember me

remember login ID only or password also

password reset

...

password change

...

retrieve user info

security

captcha

...

track logged in users

...

enable black list / kick out

...