auth

Derek Jones edited this page Jul 5, 2012 · 49 revisions

Introduction

A user authorization system that handles login and registration of users, based on the Sentry system. (Yes, it is the modified Sentry; this one works on CI 1.5.0.1 and higher.) It uses a configuration database table to store user information and stores minimal information in the session.

Features

  • Login/logout functionality.
  • Registration, with activation.
  • Forgotten password reset.
  • Auto-login via cookie.
  • Support for multiple languages.

The Auth system is made up of the following components:

  • AuthLib core library class in system\application\libraries. The AuthLib core library handles the heavy lifting of performing the security functions.

  • The configuration in system\application\config\authconfig.php. The configuration allows you to set various configuration options and tailor the auth library to your system without a lot of reworking of code.

  • The auth helper file in system\helper\auth_helper.php. The auth helper wraps AuthLib calls to make them easier to use from views.

  • The Auth controller class in system\application\controllers\auth.php. The controller class routes calls to the AuthLib library.

  • View in the system\application\views\auth

  • Sample Welcome controller and welcome_message view that shows simple usage.

Requirements

Requires:

  • DBSession (included)
  • Auth (included)
  • Database (MySQL sample scripts for user and country tables included)

Database: Create the necessary tables in your database importing the following file:

Create the db_session table in your DB:

```sql
CREATE TABLE IF NOT EXISTS `ci_sessions` (
    session_id varchar(40) DEFAULT '0' NOT NULL,
    ip_address varchar(16) DEFAULT '0' NOT NULL,
    user_agent varchar(50) NOT NULL,
    last_activity int(10) unsigned DEFAULT 0 NOT NULL,
    session_data text default '' not null,
    PRIMARY KEY (session_id)
);
```

Files: The zip file contains the Auth and the DBSession library files. Simply unzip them to your Code Igniter location. The zip file contains the correct directory structure for a standard Code Igniter installation.

If you have a non-standard installation, I would recommend installing the DBSession and Auth libraries to the system\libraries folder so that it is available across applications. The init script can handle the auth system being in either the application or system libraries folder.

Autoload the following core libraries by editing the $autoload['core'] array in your application\autoload.php config: 'database', 'db_session', 'authlib'

Autoload the following helpers by editing the $autoload['helper'] array in your application\autoload.php config: 'array', 'form', 'auth', 'url'

Almost all the configuration for the auth system can be done via the application\auth.php. Almost anything from table and field names to views to security can be configured without any code changes to the auth system.

You will also need to provide database.php and email.php configuration scripts. See the Code Igniter User Guide Email chapter, Setting Email Preferences section, for information on email configuration. See the Code Igniter User Guide Database chapter, Database Configuration section, for information on database configuration.

A system account has been provided with the database scripts. It has a user name of ‘system’ and a password of ‘changeme’.

Usage:

Use of the Auth system is as easy as calling the check() method as follows:

```php
$this->authlib->check();
```

The check() method determines if a user is logged on and if not redirects them to a login page. You can use the check() method either in the controller constructor in order to secure an entire controller such as an admin controller or from individual actions. The check() method only ever returns a true value.

Other useful methods are:

  • isValidUser(), available as a library or helper method, checks whether a user has been authenticated.
  • isAdmin() allows you to use a user authorization system to determine if a user is an admin.
  • asPermission() allows you to use a user authorization system to determine if a user has a specific permission (or privilege).
  • getUserName() returns the name of the logged in user.
  • getSecurityRole() returns the name of the security role of the logged in user.
  • getSecurityRoleId() returns the id of the security role of the logged in user.

These methods can be called from the auth object, i.e.

```php
$this->authlib->isValidUser()
```

for use in controllers or as a helper method, i.e. isValidUser() in views.
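
An added example (not part of the original wiki page or the library's own code) showing check() in a controller constructor combined with a per-action isAdmin() test. The Admin controller and its view names are hypothetical, and it assumes that isAdmin() returns a boolean and that check() halts the request when it redirects.

```php
<?php
// Illustrative CodeIgniter 1.5-style controller; not shipped with the auth library.
// Assumes 'authlib' and the 'url' helper are autoloaded as described above.
class Admin extends Controller {

    function Admin()
    {
        parent::Controller();
        // Authentication gate for every action in this controller:
        // visitors who are not logged in are redirected to the login page.
        $this->authlib->check();
    }

    // Any logged-in user may see the dashboard.
    function index()
    {
        $data = array('username' => $this->authlib->getUserName());
        $this->load->view('admin/dashboard', $data); // hypothetical view
    }

    // Authorization is a separate question from authentication:
    // check() only establishes that the user is logged in, so an
    // admin-only action tests isAdmin() as well (assumed boolean).
    function users()
    {
        if ( ! $this->authlib->isAdmin()) {
            show_error('You do not have permission to view this page.');
            return;
        }
        $data = array('role' => $this->authlib->getSecurityRole());
        $this->load->view('admin/users', $data); // hypothetical view
    }
}
```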

Download

  • Library: File:auth.zip
  • SQL: File:auth_mysql.txt
  • SQL (Postgres): File:auth_pg.zip

Links

The relevant forum threads are here and perhaps here.

Notes

Bugfix for 1.5.2 - 2007-04-06: In system/application/controllers/auth.php, line 159 must be

```php
$this->load->vars($data);
```

instead of

```php
$this->load->setdata($data);
```

Bugfix: In system/application/libraries/Authlib.php, add a hashed password to the autologin cookie. Replace the file system/application/libraries/Authlib.php with this download: File:authlib_cookie.zip

Bugfix - 2008-08-24: in file \system\application\controllers\auth.php, line 232 should be:

```php
$this->validation->set_message('username_duplicate_check', (omissis...));
```

instead of:

```php
$this->validation->set_message('username_check', (omissis...));
```

Moreover, throughout the code (in \Controllers\auth.php, in Helpers\auth_helper.php and in most of the views) a mix of Sentry and Auth language fields is used. I solved this by creating a copy of language\english\sentry_lang.php named auth_lang.php. In this second copy I renamed all the fields accordingly from "Sentry_" to "Auth_" and then I added a $this->lang->load('auth') where needed. Not a clean fix, but ijw :)
