+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: External Resources (https://forum.codeigniter.com/forumdisplay.php?fid=7)
+--- Forum: Addins (https://forum.codeigniter.com/forumdisplay.php?fid=13)
+--- Thread: Community auth for full password protected website (/showthread.php?tid=66503)
Pages:
1
2
Community auth for full password protected website - appc - 10-27-2016
I need some support on this.
I have a full password protected website on several controllers.
All I need is being able to check if there someone is logged in and if yes display the views or login form.
PHP Code:
if( if( $this->require_min_level(0) )
{
//my stuff
}
Is there a possiblity to make the check in the __construct() ?
For now it's working in the same controller (not in the construct but in each function) but if I want to go to another controller after login it give me again the login form like the user is not logged in correctly.
Should I make a if( $this->require_min_level(0) ) on the main controller and a if( $this->verify_min_level(0) ) in the other controllers ?
I'm lost here.
Thanks again
RE: Community auth for full password protected website - skunkbad - 10-27-2016
If all you are doing is verifying that somebody is logged in, and the page is accessible to anyone (even if they are not logged in), then see this:
http://community-auth.com/documentation/usage/simple-verification
Basically, you would do this:
PHP Code:
$this->is_logged_in();
But if all you want to do is show the login form because the page content should only be available to logged in users, do this:
PHP Code:
if( $this->require_min_level(1) )
{
// Anyone that is logged in would see this ...
}
That code is shown at the bottom of this page:
http://community-auth.com/documentation/usage/enforcing-authentication
As for your last question, yes you protect routable methods. Those methods may be available to different users, levels, etc.
PHP Code:
<?php
class Some_controller extends MY_Controller{
public function __construct()
{
parent::__construct();
}
public function foo()
{
if( $this->require_role('admin') )
{
// Admin must be logged in, and if not they see login form
}
}
public function bar()
{
if( $this->require_role('admin') )
{
// Admin must be logged in, and if not they see login form
}
}
}
RE: Community auth for full password protected website - appc - 10-28-2016
Unfortunatelly I still have an issue. Let me try to explain. I have 2 controllers:
- main controller called Website
- controller to a specific section called Person
1. it takes me to http://mywebsite/login?redirect=person (correct!)
2. I enter my login informations
Then If I've on my Person controller this
PHP Code:
public function index()
{
if( $this->require_role('admin') ){
//Blabla
}
}
or
PHP Code:
public function index()
{
if( $this->require_min_level(1) ){
//Blabla
}
}
It still shows me the login page with no error at all.
If I have this:
PHP Code:
public function index()
{
//Blabla
}
It shows me the right content.
Why ? I can't understand this..
RE: Community auth for full password protected website - skunkbad - 10-28-2016
It sounds like your session is not working correctly. Are you using database sessions, or filesystem sessions?
After logging in, do you have a cookie and a session in the database/filesystem?
RE: Community auth for full password protected website - appc - 10-28-2016
I'm using filesystem sessions and yes I can see (strangely several files per session). Regarding Cookie I'll check
Here is my logs also if this can helps (I don't know why I get this openssl as I'm not using it.
PHP Code:
DEBUG - 2016-10-29 06:39:01 --> UTF-8 Support Enabled
DEBUG - 2016-10-29 06:39:01 --> Global POST, GET and COOKIE data sanitized
DEBUG - 2016-10-29 06:39:01 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/db_tables.php
DEBUG - 2016-10-29 06:39:01 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/authentication.php
DEBUG - 2016-10-29 06:39:01 --> Encryption: Auto-configured driver 'openssl'.
DEBUG - 2016-10-29 06:39:01 --> Total execution time: 0.3142
DEBUG - 2016-10-29 06:39:06 --> UTF-8 Support Enabled
DEBUG - 2016-10-29 06:39:06 --> Global POST, GET and COOKIE data sanitized
DEBUG - 2016-10-29 06:39:06 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/db_tables.php
DEBUG - 2016-10-29 06:39:06 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/authentication.php
DEBUG - 2016-10-29 06:39:06 --> Encryption: Auto-configured driver 'openssl'.
DEBUG - 2016-10-29 06:39:06 -->
string = myuser
password = mypassword
form_token = cea5e871
token_jar = ["743ae0d6","acb79b67","cea5e871"]
DEBUG - 2016-10-29 06:39:06 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/user/password_strength.php
DEBUG - 2016-10-29 06:39:06 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/form_validation/user/login.php
DEBUG - 2016-10-29 06:39:07 --> Total execution time: 0.4977
DEBUG - 2016-10-29 06:39:07 --> UTF-8 Support Enabled
DEBUG - 2016-10-29 06:39:07 --> Global POST, GET and COOKIE data sanitized
DEBUG - 2016-10-29 06:39:07 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/db_tables.php
DEBUG - 2016-10-29 06:39:07 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/authentication.php
DEBUG - 2016-10-29 06:39:07 --> Encryption: Auto-configured driver 'openssl'.
DEBUG - 2016-10-29 06:39:07 --> Session class already loaded. Second attempt ignored.
DEBUG - 2016-10-29 06:39:07 --> Total execution time: 0.0524
DEBUG - 2016-10-29 06:39:07 --> UTF-8 Support Enabled
DEBUG - 2016-10-29 06:39:07 --> Global POST, GET and COOKIE data sanitized
DEBUG - 2016-10-29 06:39:07 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/db_tables.php
DEBUG - 2016-10-29 06:39:07 --> Config file loaded: /mywebsite/application/third_party/community_auth/config/authentication.php
DEBUG - 2016-10-29 06:39:07 --> Encryption: Auto-configured driver 'openssl'.
DEBUG - 2016-10-29 06:39:07 --> Total execution time: 0.0431
RE: Community auth for full password protected website - skunkbad - 10-29-2016
I don't see anything in your logs that would help. I would probably go through the install step by step to confirm everything is right. If everything is right, it's probably your CI sessions config. Post your sessions config code. You might also strip out the comments and post your Community Auth configs.
RE: Community auth for full password protected website - appc - 11-03-2016
Would you available in skype for a few minutes ? I can't find anything that can help.
I would pay you for this service.
I can see sessions files, I can see cookies, but still not working..
Thanks in advance for your answer
RE: Community auth for full password protected website - skunkbad - 11-03-2016
Community Auth has 3 new commits in its repository. This should fix your problem.
RE: Community auth for full password protected website - appc - 11-04-2016
Unfortunatelly doesn't fix anything..Thanks for trying to help me, I'm switching to Ion Auth
RE: Community auth for full password protected website - skunkbad - 11-04-2016
(11-04-2016, 12:06 AM)appc Wrote: Unfortunatelly doesn't fix anything..Thanks for trying to help me, I'm switching to Ion Auth
That's unfortunate for you, since Community Auth is fully working with the commits from this evening. It's probably just your code, and I'm sorry but just don't have the time to skype and help you out. Good luck with Ion Auth.