Tank Auth v1.0 (CI authentication library)

Tank Auth v1.0 (CI authentication library) - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: Tank Auth v1.0 (CI authentication library) (/showthread.php?tid=17515)

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45

Tank Auth v1.0 (CI authentication library) - El Forum - 07-27-2010

[eluser]Unknown[/eluser]
I really like tank_auth. I am using version 1.3

I would like to change the validation for the password. I would like to allow users to be able to use a password with special characters < for eg . 'pass1234%$' should work.' What do I need to do. Is it just to change the validation rule in auth.php controller?

Thank you for any help you can provide.

Tank Auth v1.0 (CI authentication library) - El Forum - 08-05-2010

[eluser]tunesmith[/eluser]
[quote author="TheFuteballer" date="1270329503"]I noticed that Tank_Auth redirects ONLY to the home page once a user logs in. Has anyone found a good solution to redirect to the referring page?

i.e. A user tries to access a protected portion of the side - www.example.com/admin , they go to the login page, but once they log in they get redirected to www.example.com instead of www.example.com/admin

I'd ideally like to avoid having to set a session variable that holds the current URL on each page (controller) that I want to protect.[/quote]

I can't think of a graceful way to do it without using session variables, but here's how I am doing it.

I have a secure controller that extends the normal CI controller. All my pages that require a login use a controller that extends this Secure controller:

Code:
abstract class Secure extends Controller

{

    function __construct()

    {

        parent::__construct();

        $this->load->helper('url');

        if (!$this->tank_auth->is_logged_in()) {

            $this->session->set_userdata('refer', uri_string());

            redirect('/auth/login/');

        } 

    }

}

(There's other stuff too but it's irrelevant)

Then, I extend CI's url_helper in helpers/MY_url_helper.php, overriding the redirect function:

Code:
function redirect($uri = '', $method = 'location', $http_response_code = 302)

    {

        $ci =& get_instance();

        if (!$uri && $ci->session->userdata('refer')) {

            $uri = $ci->session->userdata('refer');

            $ci->session->unset_userdata('refer');

        }

        if ( ! preg_match('#^https?://#i', $uri))

        {

            $uri = site_url($uri);

        }

        switch($method)

        {

            case 'refresh'    : header("Refresh:0;url=".$uri);

                break;

            default            : header("Location: ".$uri, TRUE, $http_response_code);

                break;

        }

        exit;

    }

That's the normal redirect function - the only new stuff is that first code block.

The advantage of this over the other suggested approach is that you don't have to change anything in tank_auth. You also don't have to set the referrer on a per-controller (or per-function) basis, and you don't have to deal with hidden variables in the login form.

I tried using flashdata but I think it doesn't work because I think the internal redirect counts as an extra server request.

Tank Auth v1.0 (CI authentication library) - El Forum - 08-09-2010

[eluser]billyjeans[/eluser]
It seems that clear_attempts should use the same creteria as get_attempts_num, otherwise the login attempts will not be cleared.

Code:
function clear_attempts($ip_address, $login, $expire_period = 86400)

    {

        /* modified to make it consistent with get_attempts_num

        $this->db->where(array('ip_address' => $ip_address, 'login' => $login));*/

        $this->db->where('ip_address', $ip_address);

        if (strlen($login) > 0) $this->db->or_where('login', $login);

        // Purge obsolete login attempts

        $this->db->or_where('UNIX_TIMESTAMP(time) <', time() - $expire_period);

        $this->db->delete(self::TABLE);

    }

Tank Auth v1.0 (CI authentication library) - El Forum - 08-14-2010

[eluser]Unknown[/eluser]
Hi guys,
First, I'm sorry for my bad english,

I found something strange about my application. I try to register & login with this library using default view and captcha enabled and everything is fine. Then i try load my own view to register & login, but everytime i try to login or register with captcha enabled, it always return an error "Your confirmation code has expired. Please try again."

I try to experiment a little, then I found that a <img> tag inside a view that contain the captcha image make the script won't works. When i remove all the <img> tag inside my view, the script is working again.

Can someone look into this problem, because i still want to show icons and images on my registration & login pages.

Tank Auth v1.0 (CI authentication library) - El Forum - 08-19-2010

[eluser]Met[/eluser]
I'm getting this error on login ~

Fatal error: Call to undefined method CI_Input::xss_clean()

any idea? Am using CI2.0 but I can't imagine this is the reason.

it's on one line in auth/login ~

Code:
// Get login for counting attempts to login

            if ($this->config->item('login_count_attempts', 'tank_auth') AND

                    ($login = $this->input->post('login')))

            {

                //$login = $this->input->xss_clean($login)

                 $login=$login;

            }

            else

            {

                $login = '';

            }

commenting out the line allows me to login with no problems.

Is this CI2.0 related ?

thanks

edit
it would appear xss_clean is now part of the security library, so

$login = $this->security->xss_clean($login)

does the job nicely.

Tank Auth v1.0 (CI authentication library) - El Forum - 08-28-2010

[eluser]cyclic[/eluser]
Hi -- I'm having some trouble with a brand-new tank auth installation: when I try to register a new account, I get a database error:

Quote:A Database Error Occurred

Error Number: 1054

Unknown column 'new_email' in 'where clause'

SELECT 1 FROM (users) WHERE LOWER(email)= 'benjaminl.yates@yahoo.com' OR LOWER(new_email)= 'benjaminl.yates@yahoo.com'

Can anyone help? (I'm a major noob to programming in general, so it's possible I forgot something obvious.)

Tank Auth v1.0 (CI authentication library) - El Forum - 08-28-2010

[eluser]pabloheim[/eluser]
[quote author="cyclic" date="1283055974"]Hi -- I'm having some trouble with a brand-new tank auth installation: when I try to register a new account, I get a database error:

Quote:A Database Error Occurred

Error Number: 1054

Unknown column 'new_email' in 'where clause'

SELECT 1 FROM (users) WHERE LOWER(email)= 'benjaminl.yates@yahoo.com' OR LOWER(new_email)= 'benjaminl.yates@yahoo.com'

Can anyone help? (I'm a major noob to programming in general, so it's possible I forgot something obvious.)[/quote]

Did you import the database file y set up with codeigniter database config class?

Tank Auth v1.0 (CI authentication library) - El Forum - 08-28-2010

[eluser]cyclic[/eluser]
Yep, I imported the SQL. I've attached a screenshot of the tables.

Tank Auth v1.0 (CI authentication library) - El Forum - 08-28-2010

[eluser]pabloheim[/eluser]
[quote author="cyclic" date="1283058698"]Yep, I imported the SQL. I've attached a screenshot of the tables.[/quote]

and the file database inside the config folder ?

Tank Auth v1.0 (CI authentication library) - El Forum - 08-28-2010

[eluser]cyclic[/eluser]
Yes -- I had the database connectivity working before I installed tank auth.