CodeIgniter Forums
flexi auth - A user authentication library for CodeIgniter - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forum-20.html)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forum-22.html)
+--- Thread: flexi auth - A user authentication library for CodeIgniter (/thread-54581.html)

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-24-2012

[eluser]Tom Vogt[/eluser]
Quote:+ Login sessions are managed via a hashed session token technique as described by Barry Jaspan.
+ The session tokens mentioned above are further secured using CI’s encryption library.

Uh, why? In general, more encryption does not improve security, and often reduces it. Can you explain in more detail what you are doing there and why?


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-24-2012

[eluser]Swedie[/eluser]
[quote author="haseydesign" date="1350690999"]@davidinchi

Yes you were right, there was a bug with the library and IE setting login cookies on the 'Login via Ajax' example.
Although I could only regenerate the bug in IE and not Chrome as you suggested.
However, I'm pretty sure the fix should address any browsers that were having the same issue.

You can get the fix from the usual Github repo.
The only file that needs to be updated is 'flexi_auth_lite_model.php'.
[/quote]

Thank YOU! My God it drove me crazy today wondering what the heck was going on. I could only back trace it to the Flexi auth system. Updated to as per told, and the logout bug dissappeared.

Otherwise a great library! thanks!


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-25-2012

[eluser]haseydesign[/eluser]
@Tom Vogt

The feature list on the first post of this thread should not really have included that in the text.

What it was referring to is that the sessions that data is saved to via the flexi auth library CAN be encrypted using the CI config setting $config['sess_encrypt_cookie'].

It was badly worded and ended up sounding misleading; since that feature is within the core of CI, it
cannot really be listed as a feature of the library. I've since edited it out.

--------------------------------------------------------------------------------------------

@Swedie
Thanks for the feedback man, glad to hear you got things sorted.






flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]x2blue[/eluser]
Hi.
I want to thank you for great work.
But really am confusing foe how to implement it.
I church the demo,and check the libs file there is different in deploy.
I need your help to deploy it, shall I create new model or used yours, if you just simplicity it as follow ,login controller,, model login for interact with database.
I just want understand it as well.
I appreciate if you put simple code here for my login controlled and model.
Thank you.


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]haseydesign[/eluser]
@x2blue

Here's the most basic demo example I can come up with for the basics for logging in via the flexi-auth library.

You will still need to install the demo database table and content for the example to work.
The login details are the same as given via the demo.

Once you get these basics of the library understood, you can then progress to developing your code further with validation and user redirects based on login status - as demonstrated via the demo.

controllers/your_controller.php
Code:
class Your_controller extends CI_Controller {

    function __construct()
    {
        parent::__construct();

  $this->auth = new stdClass;
  $this->load->library('flexi_auth');
}

    function login()
    {
  // If 'Login' form has been submited, attempt to log the user in.
  if ($this->input->post('login_user'))
  {
   // Verify login data.
   $result = $this->flexi_auth->login($this->input->post('login_identity'), $this->input->post('login_password'), $this->input->post('remember_me'));

   if ($result)
   {
    die('Login Successful');
   }
   else
   {
    die('Login Failed | <a href="'.$_SERVER['PHP_SELF'].'">Retry Login</a>');
   }
  }
  else
  {
   $this->load->view('login_view');
  }
    }
}

views/login_view.php
Code:
<!doctype html>
&lt;html&gt;
&lt;head&gt;
&lt;title&gt;flexi auth login example&lt;/title&gt;
&lt;/head&gt;
&lt;body id="login"&gt;
&lt;form action="&lt;?php echo $_SERVER['PHP_SELF']; ?&gt;" method="POST"&gt;
  <label for="identity">Email or Username:</label>
  &lt;input type="text" id="identity" name="login_identity" value="[email protected]"/&gt;
  <hr>
  <label for="password">Password:</label>
  &lt;input type="password" id="password" name="login_password" value="password123"/&gt;
  <hr>
  <label for="remember_me">Remember Me:</label>
  &lt;input type="checkbox" id="remember_me" name="remember_me" value="1"/&gt;
  <hr>
  <label for="submit">Login:</label>
  &lt;input type="submit" name="login_user" id="submit" value="Submit"/&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;



flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]x2blue[/eluser]
Very thanks. Shall I used model or this enough.
And for the data base if I need to extend it using profile or other operation . I used as you mentioned or shall create a model to handle it.
Thanks


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]haseydesign[/eluser]
@x2blue

I'm guessing that you probably new to using CodeIgniter.
The flexi-auth libraries and models should not be edited by you at all, they should just be dropped into the correct directories and then called when required. The only file you are likely to need to edit, is the flexi-auth-config file.

Regarding how you implement your own code with either controllers or models, basically, anything that you put in a model can also be put in the controller. The purpose of the model is primarily a way to tidy your codebase so that your controllers are directing the flow of data rather than managing the functionality of getting/setting data.

Jumping straight into using a library like flexi-auth will not be easy for someone without CodeIgniter /MVC experience. I suggest you familarise yourself with the CI user guide to get a better understanding of how to do things.
When I first started learning CI, I spent a few hours just reading every page within the guide. It is so well documented it will greatly enhance your understanding of how to use the framework.

Once you understand the basics, jump back into the flexi-auth user guide and demo to get started on building your application.



flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]x2blue[/eluser]
I understand your point. But in your sample code you don't use the model. I suppose there are two method to handle by your model or the library file.
As the file model you provide if I create login function shall I pass all data from login view to model or just is used the way you mention in the sample.
Thanks


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-26-2012

[eluser]haseydesign[/eluser]
@x2blue
When you load the flexi auth library, it loads what it needs from the flexi auth models.
Any function you wish to use from the flexi auth library, is accessed directly via the libray files; you never need to interact with the flexi-auth models, just the library files.

In the demo, a model is used to perform functions like login, however, if you prefer, you could jut include these functions within your controller.
In the example above, I have just called the flexi-auth function via the controller.


flexi auth - A user authentication library for CodeIgniter - El Forum - 10-29-2012

[eluser]rtan[/eluser]
Hi,

I'm a fan of Ion auth and was just looking into your lib and it has great documentation and features & options.

Great Work!



Any direct idea on multiple roles for a user, though I had done it for Ion auth and may need to recode otherwise.

Thanks & regards.