Erkana

Derek Jones edited this page Jul 5, 2012 · 17 revisions
Clone this wiki locally

Introduction

User Authentication is something that many CodeIgniter developers face every single day - there are tons of libraries out there to help in doing this as well. In my opinion though, most of them are to bloated for my use.

My goal with this library was to create a small set of methods and helpers that would prove useful for a variety of user authentication while not hijacking the framework and forcing you to adopt the practices that library dictates.

To use the library, after installation, include the following in your controller methods (or in the constructor). The helper will be loaded automatically:

$this->load->library('Erkanaauth');

The library only has one requirement - you have a table (users) with an id field. If you would like to use the role system, you’ll need a table (roles) with 2 fields (id and name).

The library and its helper functions

try_login($condition = array())

This method attempts to log the user in using an array of conditions. Upon success it will store the user’s ID in a session variable. A great way to use this method is within the callback of a login form:


function login() {
  $this->load->library('validation');
  // Validation Rules and Fields
  if ($this->validation->run()) {
    redirect('admin/index');
  } else {
    $this->load->view('admin/login');
  }
}
 
function _check_login($username) {
  $this->load->helper('security');
  $password = dohash($this->input->post('password'));
  if ($this->erkanaauth->try_login(array('username'=>$username, 'password'=>$password))) {
    return TRUE;
  } else {
    $this->validation->set_message('_check_login', 'Incorrect login info.');
    return FALSE;
  }
}

try_session_login()

This method will attempt to see if the user is currently logged in by checking if there is a session variable named user_id. If so, it will check to verify that is a valid user ID, and will return TRUE if both cases are met satisfactorily (otherwise, it will return FALSE).

This function is great for the pages within your admin area that are protected:

function index() {
  if (!$this->erkanaauth->try_session_login()) {
    redirect('admin/login');
  }
}

logout()

The simplest of all the methods - it merely logs the user out be setting their user ID session variable to FALSE. This method does not return anything (as the chance for failure is virtually impossible).


function logout() {
  $this->erkanaauth->logout();
  redirect('admin/login');
}

getField($field = ”)

This method is also a helper (therefore it can be used in either the controller or the view). It simply returns a field from the users table and is great for returning a username, date created, whether the user is active, etc. The example below is from a view file:


Welcome, <?= getField('username'); ?>!

getRole()

This method is also a helper (therefore it can be used in either the controller or the view). It returns the user’s role. A user’s role is defined as an integer within the role_id field of the users table, and corresponds to a name field (VARCHAR) within the roles table. The example below comes from a view:

<ul id="nav">
  <li>&lt;?= anchor('admin/pages', 'Pages'); ?&gt;</li>
  &lt;? if (getRole() == 'admin') { ?&gt;
    <li>&lt;?= anchor('admin/users', 'Users'); ?&gt;</li>
  &lt;? } ?&gt;
</ul>

Once again, this library requires a table named users with an ID field - any other information is yours to define (may I recommend a username, email, password, and created_on field)? If you would like to use the getRole() method/helper, you will need a table named roles with id and name fields (you can use the following SQL query):

CREATE TABLE `roles` (
  `id` smallint(5) UNSIGNED NOT NULL AUTO_INCREMENT,
  `name` varchar(10) collate latin1_general_ci NOT NULL,
  PRIMARY KEY  (`id`),
  UNIQUE KEY `name` (`name`)
);

Download

download download from mirror, extract and copy into your CodeIgniter /system/ directory.

Category:Libraries::Community Category:Libraries::Authorization Category:Libraries::Authentication Category:Libraries::Authorization Category:Libraries::Authentication Category:Contributions::Libraries::Authentication