| Tank Auth v1.0 (CI authentication library) |
[eluser]JamieBarton[/eluser]
Would it be easy enough to implement on the registration form a Forename and Surname field that these values are stored to the user details table and stored in the session? Also, the user details table, is it easy enough to change the table name to members, as I already have a table called members and I've referenced that pretty much in a few other models etc. so I don't want to go through all of those changing it. Is there a way to easily change all of the references to user details table? Regards, Jamie
[eluser]jfouse[/eluser]
This looks to be pretty good stuff, Gromozeka, especially given the auth lib forum thread I believe you worked off of. I'm looking to migrate to it from FreakAuth Light in the near future, probably building a groups/roles bit to sit on top of it. I have a tiny nit to pick though, and a more substantial issue to raise. The minor thing is simply that I notice you've used "authentication" and "authorization" somewhat interchangeably, but they're different things. Authentication concerns who you are, while authorization is about what you have access to. From what you've said, Tank Auth is for authentication and specifically NOT about authorization (roles, access control lists, etc). The more serious issue was rather surprising to me, given that one of your goals was increased security -- passwords should never be emailed. Period. It's an easy enough fix in your lib -- simply comment out/remove the relevant lines from the html and email views -- so it's not a show stopper as far as I'm concerned, but the error is significant enough to warrant raising it here. I seriously recommend that you re-think that as part of the standard install. It's almost like you've got a good foundation and solid walls, but there's a screen door flapping open on the back porch. 
[eluser]jfouse[/eluser]
[quote author="NateL" date="1258517573"][quote author="Gromozeka" date="1258517510"]If you use $data in more than one method, it should be declared as a class member, right?[/quote] I'm not sure  [/quote]Yes, right now your $data var is local to the __construct() function, and not visible anywhere outside of it. If you want it visible by other functions, you'll need to do something more like this: Code: class Welcome extends Controller
[eluser]Kink[/eluser]
My own response of thread #169 Hourra ! I have solved my problem. So, if user deactivate 'accept cookie' in its browser, you never access your page throw login and password. The cause is the management of the cookie with 'native' CI_Session library. It always store cookies on client system and can access cookie_data in database. The goal is to store complete cookie in database directly if there is no cookie on the client system. To solve the problem, follow instruction here : http://codeigniter.com/wiki/DB_Session/revision/7536/ And search/replace 'session_data' by 'user_data' in the db_session.php. Quote:That's done, it works fine ! Sorry, i edit my post... Well, in fact, i haven't deleted cookies before test this solution. And, it don't works. Back to zero, i'm searching where is the matter...
[eluser]Gromozeka[/eluser]
[quote author="jfouse" date="1258702092"]This looks to be pretty good stuff, Gromozeka, especially given the auth lib forum thread I believe you worked off of. I'm looking to migrate to it from FreakAuth Light in the near future, probably building a groups/roles bit to sit on top of it. I have a tiny nit to pick though, and a more substantial issue to raise. The minor thing is simply that I notice you've used "authentication" and "authorization" somewhat interchangeably, but they're different things. Authentication concerns who you are, while authorization is about what you have access to. From what you've said, Tank Auth is for authentication and specifically NOT about authorization (roles, access control lists, etc). The more serious issue was rather surprising to me, given that one of your goals was increased security -- passwords should never be emailed. Period. It's an easy enough fix in your lib -- simply comment out/remove the relevant lines from the html and email views -- so it's not a show stopper as far as I'm concerned, but the error is significant enough to warrant raising it here. I seriously recommend that you re-think that as part of the standard install. It's almost like you've got a good foundation and solid walls, but there's a screen door flapping open on the back porch. [/quote]Thank you for feedback. I agree on all your points. Calling Tank Auth as authorization library may confuse some users as well as sending user password in emails reduces security. Both issues are fixed. I changed library description a little bit and commented out password in view-files for emails. The code remained the same so I left the version number unchanged.
[eluser]674DBK[/eluser]
hi.. i got this error..p Code: Error Number: 1064
[eluser]674DBK[/eluser]
hii.. how to if i want to register user without any email activation..
[eluser]umefarooq[/eluser]
hi just make in config of tank_auth it will not send any activation to user. Code: $config['email_activation'] = FALSE;but i have check that after making it false still sending email i hope if it is a bug then please fix it.
[eluser]Pokhara[/eluser]
what is the folder structure for tank auth ? in index function it redirects redirect('/auth/login/') i can't find such structure in tan_auth download and i keep getting error. An Error Was Encountered Unable to load the requested class: tank_auth can anyone pls help me ? Thanks
[eluser]umefarooq[/eluser]
it will take you site root and auth controller and login function of auth controller. if you remove first / it will also fine Code: redirect(’auth/login/’)i have tested tank_auth with multi lang site where url is http://localhost/ci_site/en/auth/ in index function it will redirect to you http://localhost/ci_site/auth/login it will give you error. its better to remove / from redirect and its working fine |
| Welcome Guest, Not a member yet? Register Sign In |
