Updated to 1.0.4

commit 61da4231fbb493a3510642f0961002f081248c9f 0 parents
Adam Griffiths authored
25 config/Auth.php
@@ -0,0 +1,25 @@
+<?php
+
+/**
+* The array which holds your user groups and their ID.
+* If you have a database table for groups, these ID's must be the same as in the database.
+*/
+$config['auth_groups'] = array(
+ 'admin' => '1',
+ 'editor' => '2',
+ 'user' => '100'
+ );
+
+/**
+* The default URI string to redirect to after a successful login.
+*/
+$config['auth_login'] = 'admin/';
+
+
+/**
+* bool TRUE / FALSE
+* Determines whether or not users will be remembered by the auth library
+*/
+$config['auth_remember'] = TRUE;
+
+?>
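Review bot: The group IDs are given here as strings ('1', '2', '100') while Auth::restrict() compares the session's `group` value to them with `!==` when `$single` is set; whether that session value is a string or an int depends on the database driver and on session serialization, so the strict comparison may never match for the "only this group" case. Either document that the values must be the same scalar type as `users.group_id` as the driver returns it, or have restrict() cast both sides before comparing. A comment such as `// Compared numerically by Auth::restrict(): a lower ID is a higher privilege (admin=1 outranks user=100)` would also make the ordering the library depends on explicit.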
58 controllers/admin.php
@@ -0,0 +1,58 @@
+<?php
+
+class Admin extends Application
+{
+ function Admin()
+ {
+ parent::Application();
+ }
+
+ function index()
+ {
+ if($this->auth->logged_in())
+ {
+ echo("This is the admin section.");
+ }
+ else
+ {
+ echo("This is the client section.");
+ }
+ }
+
+ function admin_area()
+ {
+ // This is only accessible to admins
+ $this->auth->restrict('admin');
+ echo("admin area");
+ }
+
+ function editor_area()
+ {
+ // This is accessible to editors and admins
+ $this->auth->restrict('editor');
+ echo("editor area");
+ }
+
+ function user_area()
+ {
+ // This is accessible to all users
+ $this->auth->restrict('user');
+ echo("user area");
+ }
+
+ function users_area()
+ {
+ // This is accessible to all users too
+ $this->auth->restrict();
+ echo("user area");
+ }
+
+ function just_user()
+ {
+ // This is accessible to only 'users'
+ $this->auth->restrict('user', TRUE);
+ echo("user area only");
+ }
+}
+
+?>
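Review bot: `user_area()` and `users_area()` are both commented as "accessible to all users", but they behave differently for a visitor who is not logged in: Auth::restrict() with no group argument calls show_error() with insufficient_privs, while the group form redirects to the configured `auth_login` URI. If both are meant as equivalent examples, the comment on `users_area()` should say that the bare form only checks for a session and shows an error instead of redirecting, or the library should redirect in both branches.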
10 controllers/index.html
@@ -0,0 +1,10 @@
+<html>
+<head>
+ <title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>
46 dump.sql
@@ -0,0 +1,46 @@
+-- phpMyAdmin SQL Dump
+-- version 2.10.2
+-- http://www.phpmyadmin.net
+--
+-- Host: localhost
+-- Generation Time: Feb 24, 2009 at 09:12 PM
+-- Server version: 5.0.41
+-- PHP Version: 5.2.5
+
+SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
+
+--
+-- Database: `ci_auth`
+--
+
+-- --------------------------------------------------------
+
+--
+-- Table structure for table `users`
+--
+
+CREATE TABLE `users` (
+ `id` int(11) NOT NULL auto_increment,
+ `username` varchar(255) NOT NULL,
+ `email` varchar(255) NOT NULL,
+ `password` varchar(255) NOT NULL,
+ `group_id` int(11) NOT NULL default '100',
+ `identifier` varchar(255) NOT NULL,
+ `token` varchar(255) NOT NULL,
+ PRIMARY KEY (`id`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+
+CREATE TABLE `groups` (
+`id` int(11) NOT NULL,
+`title` varchar(20) NOT NULL default '',
+`description` varchar(100) NOT NULL default '',
+PRIMARY KEY (`id`));
+
+CREATE TABLE IF NOT EXISTS `ci_sessions` (
+session_id varchar(40) DEFAULT '0' NOT NULL,
+ip_address varchar(16) DEFAULT '0' NOT NULL,
+user_agent varchar(50) NOT NULL,
+last_activity int(10) unsigned DEFAULT 0 NOT NULL,
+user_data text NOT NULL,
+PRIMARY KEY (session_id)
+);
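Review bot: `users` has no UNIQUE index on `username` or `email` even though registration relies on those columns being unique (the reg_username_check / reg_email_check callbacks SELECT first and INSERT afterwards), so two concurrent registrations can both pass the check; adding `UNIQUE KEY (username), UNIQUE KEY (email)` makes the database enforce what the callbacks assume, and upgrade.sql needs the same. `identifier` and `token` are NOT NULL with no default but the INSERT in register() supplies neither column, which works on non-strict MySQL but can fail under a strict sql_mode; `DEFAULT ''` (or nullable) avoids that. `ci_sessions.ip_address varchar(16)` cannot hold an IPv6 address if such clients ever reach the application; varchar(45) is the safe width.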
10 index.html
@@ -0,0 +1,10 @@
+<html>
+<head>
+ <title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>
12 language/english/auth_lang.php
@@ -0,0 +1,12 @@
+<?php
+
+$lang['insufficient_privs'] = "You do not have sufficient privileges to access this page.";
+$lang['username_callback_error'] = "The username was not found in our database.";
+$lang['reg_username_callback_error'] = "The username is in use, please select another username.";
+$lang['reg_email_callback_error'] = "The email is in use, please select another email.";
+$lang['login_details_error'] = "The username and password did not match our records, please try again.";
+$lang['max_login_attempts_error'] = "You have exceeded your maximum number of attempted logins, if you have forgotten your password, please consult the lost password form. You will be able to login again in 15 minutes.";
+
+$lang['logout_perms_error'] = "You have been logged out due to a permission error, please login again.";
+
+?>
10 language/english/index.html
@@ -0,0 +1,10 @@
+<html>
+<head>
+ <title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>
348 libraries/Auth.php
@@ -0,0 +1,348 @@
+<?php
+ob_start();
+/**
+* Authentication Library
+*
+* @package Authentication
+* @category Libraries
+* @author Adam Griffiths
+* @link http://programmersvoice.com
+* @version 1.0.4
+*
+* Auth provides a powerful, lightweight and simple interface for user authentication
+*/
+
+class Auth
+{
+
+ var $CI; // The CI object
+ var $config; // The config items
+
+ /**
+ * Auth constructor
+ *
+ * @access public
+ * @param string
+ */
+ function Auth($config)
+ {
+ $this->CI =& get_instance();
+ $this->config = $config;
+
+ $this->CI->load->database();
+ $this->CI->load->helper(array('form', 'url', 'email'));
+ $this->CI->load->library('form_validation');
+ $this->CI->load->library('session');
+
+ $this->CI->lang->load('auth', 'english');
+
+ if($this->logged_in())
+ {
+ $this->_verify_cookie();
+ }
+ else
+ {
+ if(!isset($_COOKIE['login_attempts']))
+ {
+ setcookie("login_attempts", 0, time()+900, '/');
+ }
+ }
+ } // function Auth()
+
+ /**
+ * Restricts access to a page
+ *
+ * Takes a user level (e.g. admin, user etc) and restricts access to that user and above.
+ * Example, users can access a profile page, but so can admins (who are above users)
+ *
+ * @access public
+ * @param string
+ * @return bool
+ */
+ function restrict($group = NULL, $single = NULL)
+ {
+ echo("1<br />");
+ if($group === NULL)
+ {
+ echo("1.1<br />");
+ if($this->CI->session->userdata('logged_in') == TRUE)
+ {
+ echo("1.2<br />");
+ return TRUE;
+ }
+ else
+ {
+ echo("1.3<br />");
+ show_error($this->CI->lang->line('insufficient_privs'));
+ }
+ }
+ elseif($this->logged_in() == TRUE)
+ {
+ echo("2<br />");
+ $level = $this->config['auth_groups'][$group];
+ $user_level = $this->CI->session->userdata('group');
+
+ if($user_level > $level OR $single == TRUE && $user_level !== $level)
+ {
+ echo("2.1<br />");
+ show_error($this->CI->lang->line('insufficient_privs'));
+ }
+
+ return TRUE;
+ }
+ else
+ {
+ echo("3<br />");
+ redirect($this->config['auth_login'], 'refresh');
+ }
+ } // function restrict()
+
+
+ /**
+ * Log a user in
+ *
+ * Log a user in a redirect them to a page specified in the $redirect variable
+ *
+ * @access public
+ * @param string
+ */
+ function login($redirect = NULL)
+ {
+ $this->CI->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]|max_length[40]|callback_username_check');
+ $this->CI->form_validation->set_rules('password', 'Password', 'trim|required|min_length[4]|max_length[12]');
+ $this->CI->form_validation->set_rules('remember', 'Remember Me');
+
+ if($this->CI->form_validation->run() == FALSE)
+ {
+ if((array_key_exists('login_attempts', $_COOKIE)) && ($_COOKIE['login_attempts'] >= 5))
+ {
+ echo $this->CI->lang->line('max_login_attempts_error');
+ }
+ else
+ {
+ $this->CI->load->view('auth/login');
+ }
+ }
+ else
+ {
+ $username = set_value('username');
+ $auth_type = $this->_auth_type($username);
+ $password = $this->_salt(set_value('password'));
+ $email = set_value('email');
+
+ if(!$this->_verify_details($auth_type, $username, $password))
+ {
+ show_error($this->CI->lang->line('login_details_error'));
+ }
+
+ $userdata = $this->CI->db->query("SELECT * FROM `users` WHERE `$auth_type` = '$username'");
+ $row = $userdata->row_array();
+
+ $data = array(
+ $auth_type => $username,
+ 'username' => $row['username'],
+ 'user_id' => $row['id'],
+ 'group' => $row['group_id'],
+ 'logged_in' => TRUE
+ );
+ $this->CI->session->set_userdata($data);
+
+ if($this->config['auth_remember'] === TRUE)
+ {
+ $this->_generate();
+ }
+
+ redirect($redirect);
+ }
+ } // function login()
+
+
+ /**
+ * Logout - logs a user out
+ *
+ * @access public
+ */
+ function logout()
+ {
+ $this->CI->session->sess_destroy();
+ $this->CI->load->view('auth/logout');
+ } // function logout()
+
+
+ /**
+ * Register a new user
+ *
+ * Register a user and redirect them to the success page
+ *
+ * @access public
+ * @param string
+ */
+ function register()
+ {
+ $this->CI->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]|max_length[40]|callback_reg_username_check');
+ $this->CI->form_validation->set_rules('password', 'Password', 'trim|required|min_length[4]|max_length[12]|matches[conf_password]');
+ $this->CI->form_validation->set_rules('conf_password', 'Password confirmation', 'trim|required|min_length[4]|max_length[12]|matches[password]');
+ $this->CI->form_validation->set_rules('email', 'Email', 'trim|required|valid_email|callback_reg_email_check');
+
+ if($this->CI->form_validation->run() == FALSE)
+ {
+ $this->CI->load->view('auth/register');
+ }
+ else
+ {
+
+ $username = set_value('username');
+ $password = $this->_salt(set_value('password'));
+ $email = set_value('email');
+
+ $this->CI->db->query("INSERT INTO `users` (username, email, password) VALUES ('$username', '$email', '$password')");
+
+ $userdata = $this->CI->db->query("SELECT * FROM `users` WHERE `username` = '$username'");
+ $row = $userdata->row_array();
+
+ $data = array(
+ 'username' => $username,
+ 'user_id' => $row['id'],
+ 'group' => $row['group_id'],
+ 'logged_in' => TRUE
+ );
+ $this->CI->session->set_userdata($data);
+
+ if($this->config['auth_remember'] === TRUE)
+ {
+ $this->_generate();
+ }
+
+ $this->CI->load->view('auth/reg_success');
+ }
+ } // function register()
+
+
+ /**
+ * Check to see if a user is logged in
+ *
+ * Look in the session and return the 'logged_in' part
+ *
+ * @access public
+ * @param string
+ */
+ function logged_in()
+ {
+ if($this->CI->session->userdata('logged_in') == TRUE)
+ {
+ return TRUE;
+ }
+ else
+ {
+ return FALSE;
+ }
+ } // function logged_in()
+
+
+ /**
+ * Check to see if a user is logging in with their username or their email
+ *
+ * @access private
+ * @param string
+ */
+ function _auth_type($str)
+ {
+ if(valid_email($str))
+ {
+ return 'email';
+ }
+ else
+ {
+ return 'username';
+ }
+ } // function _auth_type()
+
+
+ /**
+ * Salt the users password
+ *
+ * @access private
+ * @param string
+ */
+ function _salt($str)
+ {
+ return sha1($this->CI->config->item('encryption_key').$str);
+ } // function _salt()
+
+
+ /**
+ * Verify that their username/email and password is correct
+ *
+ * @access private
+ * @param string
+ */
+ function _verify_details($auth_type, $username, $password)
+ {
+ $query = $this->CI->db->query("SELECT * FROM `users` WHERE `$auth_type` = '$username' AND `password` = '$password'");
+
+ if($query->num_rows != 1)
+ {
+ $attempts = $_COOKIE['login_attempts'] + 1;
+ setcookie("login_attempts", $attempts, time()+900, '/');
+ return FALSE;
+ }
+
+ return TRUE;
+ } // function _verify_details()
+
+
+ /**
+ * Generate a new token/identifier from random.org
+ *
+ * @access private
+ * @param string
+ */
+ function _generate()
+ {
+ $username = $this->CI->session->userdata('username');
+
+ $token_source = fopen("http://random.org/strings/?num=1&len=20&digits=on&upperalpha=on&loweralpha=on&unique=on&format=plain&rnd=new", "r");
+ $token = fread($token_source, 20);
+
+ $identifier = $username . $token;
+ $identifier = $this->_salt($identifier);
+
+ $this->CI->db->query("UPDATE `users` SET `identifier` = '$identifier', `token` = '$token' WHERE `username` = '$username'");
+
+ setcookie("logged_in", $identifier, time()+3600, '/');
+ }
+
+
+ /**
+ * Verify that a user has a cookie, if not generate one. If the cookie doesn't match the database, log the user out and show them an error.
+ *
+ * @access private
+ * @param string
+ */
+ function _verify_cookie()
+ {
+ if((array_key_exists('login_attempts', $_COOKIE)) && ($_COOKIE['login_attempts'] >= 5))
+ {
+ $username = $this->CI->session->userdata('username');
+ $userdata = $this->CI->db->query("SELECT * FROM `users` WHERE `username` = '$username'");
+
+ $result = $userdata->row();
+
+ $identifier = $result->username . $result->token;
+ $identifier = $this->_salt($identifier);
+
+ if($identifier !== $_COOKIE['logged_in'])
+ {
+ $this->CI->session->sess_destroy();
+
+ show_error($this->CI->lang->line('logout_perms_error'));
+ }
+ }
+ else
+ {
+ $this->_generate();
+ }
+ }
+} // class Auth
+
+?>
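Review bot: Every query in this file interpolates user-controlled values straight into SQL — `$username` in login() and _verify_details(), `$username`/`$email`/`$password` in register(), and the session-derived `$username` in _generate() and _verify_cookie() — and the validation callbacks in libraries/MY_Controller.php follow the same pattern. CodeIgniter's query bindings do the escaping, e.g. `$query = $this->CI->db->query('SELECT * FROM users WHERE ' . $auth_type . ' = ? AND password = ?', array($username, $password));` (concatenating `$auth_type` is acceptable only because _auth_type() returns nothing but 'email' or 'username'). Separately, _verify_cookie() tests `login_attempts >= 5` where its docblock says it should test for the presence of the `logged_in` cookie, so for an ordinary logged-in user the cookie is never compared and _generate() re-fetches a token over plain HTTP from random.org on every request, with the fopen()/fread() result never checked, so a failed fetch stores an empty token. The numbered `echo("1<br />")` traces in restrict() look like leftover debugging and are presumably why `ob_start()` sits at the top of the file; both should go. Note also that _salt() prepends one site-wide key rather than a per-user salt, so identical passwords hash identically, and that `login_attempts` is a client-side cookie, so the lockout in _verify_details() only counts attempts the client reports — a server-side counter keyed to the account is the usual mitigation.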
81 libraries/MY_Controller.php
@@ -0,0 +1,81 @@
+<?php
+
+class Application extends Controller
+{
+
+ function Application()
+ {
+ parent::Controller();
+ $this->load->library('auth');
+ $this->load->database();
+ }
+
+ function login()
+ {
+ $this->auth->login();
+ }
+
+ function logout()
+ {
+ $this->auth->logout();
+ }
+
+ function register()
+ {
+ $this->auth->register();
+ }
+
+ function username_check($str)
+ {
+
+ $auth_type = $this->auth->_auth_type($str);
+
+ $query = $this->db->query("SELECT * FROM `users` WHERE `$auth_type` = '$str'");
+
+ if($query->num_rows === 1)
+ {
+ return TRUE;
+ }
+ else
+ {
+ $this->form_validation->set_message('username_check', $this->lang->line('username_callback_error'));
+ return FALSE;
+ }
+
+ } // function username_check()
+
+ function reg_username_check($str)
+ {
+ $query = $this->db->query("SELECT * FROM `users` WHERE `username` = '$str'");
+
+ if($query->num_rows <> 0)
+ {
+ $this->form_validation->set_message('reg_username_check', $this->lang->line('reg_username_callback_error'));
+ return FALSE;
+ }
+ else
+ {
+ return TRUE;
+ }
+
+ } // function reg_username_check()
+
+ function reg_email_check($str)
+ {
+ $query = $this->db->query("SELECT * FROM `users` WHERE `email` = '$str'");
+
+ if($query->num_rows <> 1)
+ {
+ return TRUE;
+ }
+ else
+ {
+ $this->form_validation->set_message('reg_email_check', $this->lang->line('reg_email_callback_error'));
+ return FALSE;
+ }
+
+ } // function reg_email_check()
+
+}
+
+?>
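Review bot: reg_email_check() returns TRUE whenever the row count is not exactly 1, so an email that already appears twice passes the uniqueness check; reg_username_check() above it uses the intended `<> 0` test, and the email check should match it: `if($query->num_rows == 0) { return TRUE; }` with the set_message/return FALSE branch as the else. The three callbacks also build SQL by interpolating the raw `$str` the validator hands them; see the note on libraries/Auth.php for the query-binding form. username_check() emits a distinct "username was not found" message while a wrong password yields login_details_error, so the two responses disclose which usernames exist; returning the same generic message from both paths avoids that. Both registration checks are check-then-insert with no UNIQUE index behind them (see dump.sql), so they cannot prevent duplicates on their own.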
10 libraries/index.html
@@ -0,0 +1,10 @@
+<html>
+<head>
+ <title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>
18 upgrade.sql
@@ -0,0 +1,18 @@
+ALTER TABLE `users` CHANGE `group_id` `group_id` INT( 11 ) NOT NULL DEFAULT '100';
+ALTER TABLE `users` ADD `token` VARCHAR( 255 ) NOT NULL ,
+ADD `identifier` VARCHAR( 255 ) NOT NULL ;
+
+CREATE TABLE `groups` (
+`id` int(11) NOT NULL,
+`title` varchar(20) NOT NULL default '',
+`description` varchar(100) NOT NULL default '',
+PRIMARY KEY (`id`));
+
+CREATE TABLE IF NOT EXISTS `ci_sessions` (
+session_id varchar(40) DEFAULT '0' NOT NULL,
+ip_address varchar(16) DEFAULT '0' NOT NULL,
+user_agent varchar(50) NOT NULL,
+last_activity int(10) unsigned DEFAULT 0 NOT NULL,
+user_data text NOT NULL,
+PRIMARY KEY (session_id)
+);
61 views/auth/login.php
@@ -0,0 +1,61 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Login</title>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <style type="text/css">
+ body
+ {
+ background-image: none;
+ background-color: white;
+ color: #454545;
+ background-repeat: no-repeat;
+ margin: 0;
+ font-family: Helvetica;
+ font-size: 12px;
+ }
+
+ #container
+ {
+ width: 100%;
+ }
+
+ #login
+ {
+ width: 726px;
+ margin: 0 auto;
+ margin-top: 140px;
+ }
+
+ .title
+ {
+ font-size: 14px;
+ }
+
+ .box
+ {
+ width: 726px;
+ padding: 15px;
+ }
+ </style>
+ </head>
+ <body>
+
+ <div id="container">
+
+ <div id="login">
+
+ <div class="title">Login</div>
+ <div class="box">
+ <form method="POST">
+ Username/Email:<br />
+ <input type="text" name="username" value="<?php echo set_value('username'); ?>" size="50" class="form" /><?php echo form_error('username'); ?><br /><br />
+ Password:<br />
+ <input type="password" name="password" value="<?php echo set_value('password'); ?>" size="50" class="form" /><?php echo form_error('password'); ?><br /><br />
+ <input type="submit" value="Login" name="login" />
+ </form>
+ </div>
+ </div>
+ </div>
+</body>
+</html>
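Review bot: The password input echoes the submitted password back with `value="<?php echo set_value('password'); ?>"`, so a failed login re-emits the secret into the page source; password inputs should use `value=""`, and register.php does the same for both its password fields. login() in libraries/Auth.php registers a validation rule for a `remember` field, but this form has no such input, so that rule never sees a value. The form carries no CSRF token; this version of CodeIgniter appears to provide none, so a hidden per-session nonce checked in login() would have to be added by hand.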
57 views/auth/logout.php
@@ -0,0 +1,57 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Fresh</title>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <style type="text/css">
+ body
+ {
+ background-image: none;
+ background-color: white;
+ color: #454545;
+ background-repeat: no-repeat;
+ margin: 0;
+ font-family: Helvetica;
+ font-size: 12px;
+ }
+
+ #container
+ {
+ width: 100%;
+ }
+
+ #login
+ {
+ width: 726px;
+ margin: 0 auto;
+ margin-top: 140px;
+ }
+
+ .title
+ {
+ font-size: 14px;
+ }
+
+ .box
+ {
+ width: 726px;
+ padding: 15px;
+ }
+ </style>
+ </head>
+ <body>
+
+ <div id="container">
+
+ <div id="login">
+
+ <div class="title">Logout</div>
+
+ <div class="box">
+ You have been successfully logged out!
+ </div>
+
+ </div>
+ </div>
+</body>
+</html>
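Review bot: `<title>Fresh</title>` looks like a leftover template name rather than this page's title; `<title>Logout</title>` would match the heading in the body. reg_success.php and register.php carry the same placeholder title.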
57 views/auth/reg_success.php
@@ -0,0 +1,57 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Fresh</title>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <style type="text/css">
+ body
+ {
+ background-image: none;
+ background-color: white;
+ color: #454545;
+ background-repeat: no-repeat;
+ margin: 0;
+ font-family: Helvetica;
+ font-size: 12px;
+ }
+
+ #container
+ {
+ width: 100%;
+ }
+
+ #login
+ {
+ width: 726px;
+ margin: 0 auto;
+ margin-top: 140px;
+ }
+
+ .title
+ {
+ font-size: 14px;
+ }
+
+ .box
+ {
+ width: 726px;
+ padding: 15px;
+ }
+ </style>
+ </head>
+ <body>
+
+ <div id="container">
+
+ <div id="login">
+
+ <div class="title">Success!</div>
+ <div class="box">
+ The user has been created, you have now been logged in.
+ </div>
+
+ <div class="box_bottom"></div>
+ </div>
+ </div>
+</body>
+</html>
67 views/auth/register.php
@@ -0,0 +1,67 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Fresh</title>
+ <meta http-equiv="content-type" content="text/html; charset=utf-8" />
+ <style type="text/css">
+ body
+ {
+ background-image: none;
+ background-color: white;
+ color: #454545;
+ background-repeat: no-repeat;
+ margin: 0;
+ font-family: Helvetica;
+ font-size: 12px;
+ }
+
+ #container
+ {
+ width: 100%;
+ }
+
+ #login
+ {
+ width: 726px;
+ margin: 0 auto;
+ margin-top: 140px;
+ }
+
+ .title
+ {
+ font-size: 14px;
+ }
+
+ .box
+ {
+ width: 726px;
+ padding: 15px;
+ }
+ </style>
+ </head>
+ <body>
+
+ <div id="container">
+
+ <div id="login">
+
+ <div class="title">Register</div>
+ <div class="box">
+ <form method="post">
+ Username:<br />
+ <input type="text" name="username" size="50" class="form" value="<?php echo set_value('username'); ?>" /><br /><?php echo form_error('username'); ?><br />
+ Password:<br />
+ <input type="password" name="password" size="50" class="form" value="<?php echo set_value('password'); ?>" /><?php echo form_error('password'); ?><br /><br />
+ Password confirmation:<br />
+ <input type="password" name="conf_password" size="50" class="form" value="<?php echo set_value('conf_password'); ?>" /><?php echo form_error('conf_password'); ?><br /><br />
+ Email:<br />
+ <input type="text" name="email" size="50" class="form" value="<?php echo set_value('email'); ?>" /><?php echo form_error('email'); ?><br /><br />
+ <input type="submit" value="Register" name="register" />
+ </form>
+ </div>
+
+ <div class="box_bottom"></div>
+ </div>
+ </div>
+</body>
+</html>
10 views/index.html
@@ -0,0 +1,10 @@
+<html>
+<head>
+ <title>403 Forbidden</title>
+</head>
+<body>
+
+<p>Directory access is forbidden.</p>
+
+</body>
+</html>