Tank Auth v1.0 (CI authentication library)

[eluser]theshiftexchange[/eluser]
[quote author="TheFuteballer" date="1270329503"]I noticed that Tank_Auth redirects ONLY to the home page once a user logs in. Has anyone found a good solution to redirect to the referring page?

i.e. A user tries to access a protected portion of the site - www.example.com/admin , they go to the login page, but once they log in they get redirected to www.example.com instead of www.example.com/admin

I'd ideally like to avoid having to set a session variable that holds the current URL on each page (controller) that I want to protect.[/quote]

Try this post and see if that helps: http://ellislab.com/forums/viewthread/105291/

In terms of searching for this solution - keep in mind your issue is not a "Tank Auth" problem - it's more of a general redirect problem.

[eluser]TheFuteballer[/eluser]
[quote author="theshiftexchange" date="1270361182"]Try this post and see if that helps: http://ellislab.com/forums/viewthread/105291/

In terms of searching for this solution - keep in mind your issue is not a "Tank Auth" problem - it's more of a general redirect problem.[/quote]

Yes definitely. I just would've expected this to be a feature built into Tank Auth but otherwise it is perfect!

[eluser]crises[/eluser]
Hi, I'm trying to develop a simple group access control based on Tank Auth. The premises are simple: don't ever touch a file nor database tables related to Tank Auth. With this in mind I would like to ask for someone to check if my implementation is secure enough.

- I have added two new tables, roles and roles_to_users:
Code:
CREATE TABLE IF NOT EXISTS `roles` (
  `id` int(11) NOT NULL,
  `group` varchar(30) COLLATE utf8_spanish_ci NOT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_spanish_ci;

CREATE TABLE IF NOT EXISTS `roles_to_users` (
  `role_id` int(11) NOT NULL,
  `user_id` int(11) NOT NULL,
  KEY `id_role` (`role_id`,`user_id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_spanish2_ci;

- Then in my (wannabe) secured Controller I have:
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Admin extends Controller {
    
    function Admin()
    {
        parent::Controller();
        
        $this->load->library('permissions');
        
        //Am I admin?
        $this->permissions->check_for_admin();
    }
    
    function index()
    {
        //Whatever the function does :)
        echo '<p>Index Panel!</p>';
    }
}

?>

- And the fun part, the Library that should handle all:
Code:
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');

class Permissions extends Tank_auth {
    
    function __construct()
    {
        $this->ci =& get_instance();
        
        $this->ci->load->database();
    }
    
    function check_for_admin()
    {
        if($this->is_logged_in())
        {
            if(!$this->is_admin())
            {
                $this->deny_access();
            }
        }
        else
        {
            $this->deny_access('login');
        }
    }
    
    function is_admin()
    {
        $this->ci->db->select('roles.group');
        $this->ci->db->join('roles', 'roles.id = roles_to_users.role_id');
        $this->ci->db->from('roles_to_users');
        $this->ci->db->where('roles_to_users.user_id', $this->get_user_id());
        $query = $this->ci->db->get();
        $result = $query->row_array();
        if($result)
        {
            return strtolower($result['group']) == 'admin';
        }
        else
        {
            return false;
        }
        
    }
    
    function deny_access($url = '')
    {
        $this->ci->load->helper('url');
        
        if ($url == 'login')
        {
            redirect('auth/login', 'location');
        }
        else
        {
            redirect('auth/deny', 'location');            
        }
        exit;
    }
}

?>
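Added example, not part of the post above and not Tank Auth code: the posted `is_admin()` reads only the first joined row, which matters if a user can have more than one row in `roles_to_users`. The sketch uses PDO with in-memory SQLite in place of CodeIgniter's database class; `first_row_is_admin()`, `has_role()`, the `grp` alias and the sample rows are assumptions made for illustration.

```php
<?php
// Added example: PDO + in-memory SQLite stands in for CodeIgniter's DB class.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE roles (id INTEGER PRIMARY KEY, "group" TEXT NOT NULL)');
$db->exec('CREATE TABLE roles_to_users (role_id INTEGER NOT NULL,
    user_id INTEGER NOT NULL, PRIMARY KEY (role_id, user_id))');
// Constructed sample data: user 7 holds two roles, user 8 holds one.
$db->exec("INSERT INTO roles (id, \"group\") VALUES (1, 'editor'), (2, 'Admin')");
$db->exec('INSERT INTO roles_to_users (role_id, user_id) VALUES (1, 7), (2, 7), (1, 8)');

/** Same logic as the posted is_admin(): only the first joined row is inspected. */
function first_row_is_admin(PDO $db, $userId)
{
    // ORDER BY is added only to make this demo repeatable; the posted query
    // has none, so which row comes back first is up to the database.
    $stmt = $db->prepare('SELECT roles."group" AS grp FROM roles_to_users
        JOIN roles ON roles.id = roles_to_users.role_id
        WHERE roles_to_users.user_id = ? ORDER BY roles.id');
    $stmt->execute(array($userId));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row ? strtolower($row['grp']) == 'admin' : false;
}

/** Asks the database whether the user holds the named role, whatever the row order. */
function has_role(PDO $db, $userId, $role)
{
    $stmt = $db->prepare('SELECT COUNT(*) FROM roles_to_users
        JOIN roles ON roles.id = roles_to_users.role_id
        WHERE roles_to_users.user_id = ? AND LOWER(roles."group") = LOWER(?)');
    $stmt->execute(array($userId, $role));
    return (int) $stmt->fetchColumn() > 0;
}

// User 7 is an admin but is listed as editor first; user 99 has no roles at all.
foreach (array(7, 8, 99) as $uid) {
    printf("user %2d first_row=%s has_role=%s\n", $uid,
        var_export(first_row_is_admin($db, $uid), true),
        var_export(has_role($db, $uid, 'admin'), true));
}
```

Both functions fail closed for a user with no role rows; they differ only for a user whose admin row is not the first one returned.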

[eluser]rip_pit[/eluser]
Seems fine to me, even if I'm not a CI pro user.
Thanks for the code ^^

[eluser]valendesigns[/eluser]
Wouldn't it make more sense if the user info was in the users table? Why is there a user_profiles table anyhow? If you are wanting to add additional user info on signup then you need to add the columns to the users table, correct?

[eluser]theshiftexchange[/eluser]
[quote author="valendesigns" date="1272141227"]Wouldn't it make more sense if the user info was in the users table? Why is there a user_profiles table anyhow? If you are wanting to add additional user info on signup then you need to add the columns to the users table, correct?[/quote]

I think the idea was to keep the 'user' table separate from the 'user_profile' table - so if future updates to Tank_Auth are released then it wouldn't change your own code...

There's nothing stopping you merging them into one (as I have done) if it suits you better.

[eluser]valendesigns[/eluser]
[quote author="theshiftexchange" date="1272390459"][quote author="valendesigns" date="1272141227"]Wouldn't it make more sense if the user info was in the users table? Why is there a user_profiles table anyhow? If you are wanting to add additional user info on signup then you need to add the columns to the users table, correct?[/quote]

I think the idea was to keep the 'user' table separate from the 'user_profile' table - so if future updates to Tank_Auth are released then it wouldn't change your own code...

There's nothing stopping you merging them into one (as I have done) if it suits you better.[/quote]

I guess my issue was more about the way a profile was created after you activate and therefore means you have to insert the data after the user is created but that is all fixable.

[eluser]omalave[/eluser]
I got a bad behaviour when I close the window of the app using CI and Tank Auth. I think it is a cookie issue because Firefox said it is a bad redirection. I don't get it, and I don't know if it is my mistake or a bad configuration. Any advice?

[eluser]gh0st[/eluser]
Hello

I have got a bug report.

I have got a local version of Tank Auth working fine, however when I uploaded my stuff to my live server it kept saying my password was wrong.

I made sure the databases were the same, and they were!

My password is right, I know because I've tested it lots of different times. I believe it has something to do with the way it hashes the passwords.

Can someone confirm whether or not moving their site from local to live has caused problems with TankAuth in the past, and what is the best way to resolve this?

The only thing I can do right now is to strip out the hashing and see if that works?

[eluser]Guardian[/eluser]
From the phpass site:

Quote: The preferred (most secure) hashing method supported by phpass is the OpenBSD-style Blowfish-based bcrypt, also supported with our public domain crypt_blowfish package (for C applications), and known in PHP as CRYPT_BLOWFISH, with a fallback to BSDI-style extended DES-based hashes, known in PHP as CRYPT_EXT_DES, and a last resort fallback to MD5-based salted and variable iteration count password hashes implemented in phpass itself (also referred to as portable hashes).

To ensure that the fallbacks will never occur, PHP 5.3.0+ or the Suhosin patch may be used. PHP 5.3.0+ and Suhosin integrate crypt_blowfish into the PHP interpreter such that bcrypt is available for use by PHP scripts even if the host system lacks support for it.
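Added example, not from phpass or Tank Auth: because phpass picks bcrypt, extended DES or its portable scheme depending on what the server supports, a first check when hashes stop verifying after a move is which scheme the stored values use and whether `crypt()` on the new server offers it. `hash_scheme()` and `runtime_supports()` are hypothetical helper names, and the sample values are constructed placeholders, not real hashes.

```php
<?php
// Added example: identify the scheme of a stored phpass hash from its format
// and report whether this PHP runtime can verify it.

/** Return the scheme a stored hash was created with, judged by its shape. */
function hash_scheme($hash)
{
    if (preg_match('#^\$2[axy]\$\d{2}\$[./A-Za-z0-9]{53}$#', $hash)) {
        return 'bcrypt';      // CRYPT_BLOWFISH, 60 characters
    }
    if (preg_match('#^_[./A-Za-z0-9]{19}$#', $hash)) {
        return 'ext_des';     // CRYPT_EXT_DES, 20 characters
    }
    if (preg_match('#^\$[PH]\$[./A-Za-z0-9]{31}$#', $hash)) {
        return 'portable';    // phpass portable hash, 34 characters
    }
    return 'unknown';
}

/** Can this server verify a hash of the given scheme? */
function runtime_supports($scheme)
{
    switch ($scheme) {
        case 'bcrypt':   return CRYPT_BLOWFISH == 1;
        case 'ext_des':  return CRYPT_EXT_DES == 1;
        case 'portable': return true; // computed by phpass itself with md5()
        default:         return false;
    }
}

// Constructed sample values with the right shape; not real password hashes.
$samples = array(
    'bcrypt'          => '$2a$08$' . str_repeat('a', 53),
    'ext DES'         => '_' . str_repeat('a', 19),
    'portable'        => '$P$B' . str_repeat('a', 30),
    'malformed value' => '$2a$08$' . str_repeat('a', 25),
);

foreach ($samples as $label => $hash) {
    $scheme = hash_scheme($hash);
    printf("%-16s len=%2d scheme=%-8s verifiable_here=%s\n",
        $label, strlen($hash), $scheme,
        runtime_supports($scheme) ? 'yes' : 'no');
}
```

Run it on both servers against a value copied from the password column: a scheme that reports `no` on one of them points to the fallback behaviour described in the quote.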



