Clone this wiki locally
Sentry is not compatible with CodeIgniter 1.5+. See http://codeigniter.com/forums/viewthread/45791/P75/ for discussion. This page exists for historical purposes only.
A simple security system [version 0.8.9].
The user authorization system that handles login and registration of users. It uses a configuration database table to store user information and stores minimal information in the session.
Registration, with security code image and activation.
Forgotten password reset.
Auto-login via cookie.
Support for multiple languages.
The Sentry system is made up of the following components:
SentryLib core library class in the system\library\Sentry.php - SentryLib core library handles the heavy lifting of performing the security functions.
The initializer in the system\init\init_sentry.php - The Sentry installation script installs the sentry class once and only once.
The configuration in the system\application\config\sentry.php - The configuration allows you to set various configuration options and tailor the sentry library to your system without a lot of reworking of code.
The sentry helper file in system\helper\sentry.php - Sentry helper wraps SentryLib calls to make them easier to use from views.
The Sentry controller class in the system\application\controllers\sentry.php - System controller class routes calls to the SentryLib library.
View in the system\application\views\sentry
Sample Welcome controller and welcome_message view that shows simple usage.
- NativeSession (included)
- Sentry (included)
- Database (MySQL sample scripts for user and country tables included)
- Filters_system - Sentry includes a sample filter and filter configuration scripts.
The zip file contains the Sentry and the NativeSession library files. Simple unzip them to your Code Igniter location. The zip file contains the correct directory structure for a standard Code Igniter installations.
If you have a non-standard installation, I would recommend installing the NativeSession and Sentry libraries to the system\libraries folder so that is is available across applications. The init script can handle the sentry system being in either the application or system libraries folder.
If you wish to use it with the Filter system, see the Filters_system wiki.
Autoload the following core libraries by editing the $autoload['core'] array in your application\autoload.php config:
'database', 'nativesession', 'sentry'
Autoload the following helpers by editing the $autoload['helper] array in your application\autoload.php config:
'array', 'form', 'sentry', 'url'
Almost all the configuration for the sentry system can be done via the application\sentry.php. Almost anything from table and field names to views to security can be configured without any code changes to the sentry system.
You will also need to specify a database.php and email.php configuration scripts. See the Code Igniter User Guide Email chapter, Guide Setting Email Preferences section, for information on email configuration. See the Code Igniter User Guide Database chapter, Database Configuration section, for information on database configuration.
Lastly, in order to use the security_code feature, you will need to enable the GD/GD2 image manipulation library. See the Code Igniter User Guide Image Manipulation chapter.
A system account has been provided with the database scripts. It has a user name of 'system' and a password of 'changeme'.
Use of the Sentry system is as easy as calling the check() method as follows:
Make sure you declare a definition for obj as follows:
$this->obj =& get_instance();
The check() method determines if a user is logged on and if not redirects them to a login page. You can use the check() method either in the controller constructor in order to secure an entire controller such as an admin controller or from individual actions. The check() method only ever returns a true value.
Other useful methods are:
isValid() library or helper methods are places you can check for whether a user has been authenticated.
isAdmin allows you to use a user authorization system to determine if user is an admin.
hasPermission allows you to use a user authorization system to determine if a user has a specific permission (or priviledge).
getUserName returns the name of the logged in user.
getSecurityRole returns the name of the security role of the logged in user.
getSecurityRoleId returns the id of the security role of the logged in user.
These methods can be called from the sentry object, i.e.
, for use in controllers or as a helper method, i.e.
Sentry\index action called. -> Displays view specified by the 'sentry_login_view' config property. Sentry\login action called by form submittal. -> If failure, calls the Sentry\index action and displays flash error messages. -> If successful... -> -> Updates the Last Visit user information. -> -> Creates the sentry session information. -> -> Creates a sentry cookie if auto-login was requested. -> -> Calls the action specified by the 'sentry_login_success_action' config property.
Sentry\logut action called. -> Calls the action specified by the 'sentry_logout_success_action' config property. -> If failure, displays a flash error messages. -> If successful... -> -> Deletes the sentry session information. -> -> Deletes the sentry cookie information.
Sentry\register_index action called. -> Displays view specified by the 'sentry_register_view' config property. Sentry\register action called by form submittal. -> If failure, calls the Sentry\register_index action and displays form error messages. -> If successful... -> -> Saves the user data. -> -> Sends out an activation email based on the template specified in the 'sentry_activation_email' config property. -> -> Displays the view specified by the 'sentry_register_success_view' config property. -> -> Note: user will not be able to login until after activation.
Sentry\activation action called. -> If failure, displays the view specified by the 'sentry_register_activation_failed_view' config property. -> If successful... -> -> Sets the user account as active. -> -> Displays the view specified by the 'sentry_register_activation_success_view' config property.
Forgotten Password sequence
Sentry\forgotten_password_index action called. -> Displays view specified by the 'sentry_forgotten_password_view' config property. Sentry\forgotten_password action called by form submittal. -> If failure, calls the Sentry\forgotten_password_index action and displays form error messages. -> If successful... -> -> Sends out an forgotten password email based on the template specified in the 'sentry_forgotten_password_email' config property. -> -> Displays the view specified by the 'sentry_forgotten_password_success_view' config property.
Forgotten Password Reset sequence
Sentry\forgotten_password_reset action called. -> If failure, displays the view specified by the 'sentry_forgotten_password_reset_failed_view' config property. -> If successful... -> -> Resets the user's password to a random password. -> -> Sends out an forgotten password reset email based on the template specified in the 'sentry_forgotten_password_reset_email' config property. -> -> Displays the view specified by the 'sentry_forgotten_password_reset_success_view' config property.
Changing password, and user validation
In the Sentry controller, there are two methods (password_check and username_check) that use a regular expression to test for only alpha, digits, underscore and dash characters and starting with only an alpha character. The min/max can be changed through the sentry configuration.
Adding new registration fields
You can add new registration fields to your registration form with changes to the config, controller and the views\sentry\register.php view.
-> Add a new 'sentry_field' and 'sentryvalidation_register' properties to the application\config\sentry.php config file. -> Add a new 'sentry_label' property to the system\language\en\sentry_lang.php language file.
-> Add the the HTML form elements to the application\views\sentry\register.php view.
-> In the application\controllers\sentry.php controller do the following: -> -> In the additionalFields method, add the following line: $fields[$this->config->item('sentry_field')] = $this->config->item('sentryfield_label'); -> -> In the additionalRegistrationRules method, add the following line: $rules[$this->config->item('sentryuser_field')] = $this->config->item('sentryuser_field_validation_register'); -> -> In the getRegistrationForm method, add the following line: $values[$this->config->item('sentryfield')] = $this->obj->input->post($this->obj->config->item('sentry_field'));
Go to the \sentry\register URL and you should see your new field(s) in the registeration form.
Code can be found here.
Discussion can be found here.