• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
flexi auth - A user authentication library for CodeIgniter

#41
[eluser]netty[/eluser]
Thanks Swedie.

#42
[eluser]haseydesign[/eluser]
@Jonny Blaze

There's a few different things that were going on with regard to this.

Firstly, I presume to replicate this problem you were logging in, going to the Privilege Example page where it would correctly say 'User logged in via password'.
If you then closed the browser and then reopened this same page, it would still say 'User logged in via password'. If you then refreshed the page, the user would be logged out.

This problem has now been fixed so the users session credentials are instantly removed, rather than after 1 page refresh. The update is available via the Github repo.

-----------------------------------------------------------------------------

Now further into possibly the behaviour you were expecting.
The reason why the user was logged out rather than saying 'User logged in via "remember me"' is because of the config setting:
Code:
$config['security']['logout_user_onclose'] = TRUE;

This logs the user out when the browser is closed.

If you were to set the above setting to FALSE, and repeat the steps outlined at the top, it will still say 'User logged in via password' - this is because of the timelimit defined via the the config setting:
Code:
$config['security']['login_session_expire'] = 60*60*3;

If you were to change this to for example 10 seconds, provided you don't refresh the page within 10 seconds, the users login status will fall back to 'User logged in via "remember me"' (Provided the remember option was selected on login), or log the user out completely.

After considering this, I think it is best that the login via password status should always be removed upon the browser being closed - so I will look to include this feature into the library soon.

-----------------------------------------------------------------------------

I hope that helps explain whats happening.

#43
[eluser]haseydesign[/eluser]
@netty

The problem you were having is caused by the class 'tooltip_parent' that is used throughout the demo to transform the next html element with a class of 'tooltip' into a popup element that is shown when the parent element is focused on.

So to remove the 'Example Users' popup from the demo login page, you would remove the entire span with the classes 'tooltip width_400' (As you say you did), but then also remove the 'tooltip_parent' class from input element with an id of 'identity'.

#44
[eluser]netty[/eluser]
Awesome, thanks.

#45
[eluser]haseydesign[/eluser]
@Klausch

Regarding issue #1.
A table with an Auto Increment column (As the user account table has), will by default start from the number 1, therefore the id of 0 should never occur.

In any case, to patch this possible occurrence, I've updated the instances of where this can occur withing the library.

-------------------------------------------------------------------------------------------

Regarding issue #2.
You've possibly inadvertently highlighted a bug within the demo that may not directly solve the problem you were having, but may shed some light on what should be happening.

To start with, I tried to replicate the bug as you stated by updating a users email via the 'verify_updated_email()' function, and then calling the 'get_user_by_identity_row_array()' function immediately afterwards to get the new user data.

The data returned was as should be expected and formated as follows:
Code:
Array
(
    [uacc_id] => 3
    [uacc_group_fk] => 1
    [uacc_email] => new_email@website.com
    ... etc ...
);

There seemed to be no problem here.

However, within the demo example, I noticed it was impossible to access the 'update_email' page without being logged in, therefore any non-logged in user (Perhaps using a different device) trying to verify their change of email address would not be able to access the page - this is because the email verification token only validates whether an email should be updated, it does not by default grant login access within the demo.

Therefore, if you were running the function behind a controller/model that required the user to be logged in, you may be getting returned an empty array...?

I've updated the Github repo to include both of these updates.

#46
[eluser]haseydesign[/eluser]
@karanits on 19 September.

Geez I was meant to get back to you on this much earlier.
If your still following the thread...

The errors you were getting when auto loading the CI form_validation library have been fixed.

The update is available from the Github repo.


#47
[eluser]haseydesign[/eluser]
@Klausch

The bug you highlighted from your 26th September post regarding the 'insert_custom_user_data() ' function has been fixed.

The function has been updated to return an array of the table name and row id that have been updated by the function.
This means if more than 1 table has a record inserted into it, each table name and row id are paired together in the returned array.

If nothing is returned, the function returns FALSE.

The changes are documented via the user guide page http://haseydesign.com/flexi-auth/user_g..._user_data

#48
[eluser]haseydesign[/eluser]
@Jonny Blaze and as a general NEW FEATURE announcement!

Two new config settings have been added to the config file that define whether a user who has logged in via a password (Rather than via the 'Remember me' feature), should have their 'logged in via password' credential unset as soon as they close their browser.

Previously, if the user had logged in via a password, then closed the browser and reopened it, they would still be recognised as using the same browser session, and so their login status would remain as 'Logged in via password'.

With the new setting enabled, the user would be restricted to 'Logged in via "Remember me"' status (If they enabled this option on login), or else they would be logged out.

The config settings can be found in the usual flexi auth config file and are as follows:
Code:
$config['cookies']['login_via_password_token'] = 'login_via_password_token';

...

$config['security']['unset_password_status_onclose'] = TRUE;

The 'login_via_password_token' config setting defines the name of the cookie.
The 'unset_password_status_onclose' config setting defines whether the feature should be enabled.

The user guide has been updated with the new information @ http://haseydesign.com/flexi-auth/user_g...ion_config (You'll need to scroll down to find the corresponding settings).

The update as usual is available via the latest Github repo.

#49
[eluser]Jonny Blaze[/eluser]
[quote author="haseydesign" date="1349534767"]@Jonny Blaze and as a general NEW FEATURE announcement![/quote]

Thank you Hasey, this works exactly like I expected it to now.

#50
[eluser]caprisun[/eluser]
Hello,

I am new to codeigniter and started using flexi_auth but i've strumbled on a problem.
After registering or logging in these errors are thrown:

Code:
Severity: Notice
Message: Trying to get property of non-object
Filename: models/flexi_auth_model.php
Line Number: 1702

Severity: Notice
Message: Trying to get property of non-object
Filename: models/flexi_auth_model.php
Line Number: 1705

Severity: Notice
Message: Trying to get property of non-object
Filename: models/flexi_auth_model.php
Line Number: 1705

Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at /public_html/dev/system/core/Exceptions.php:185)
Filename: libraries/Session.php
Line Number: 672

Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at /public_html/dev/system/core/Exceptions.php:185)
Filename: libraries/Session.php
Line Number: 672

Severity: Warning
Message: Cannot modify header information - headers already sent by (output started at /public_html/dev/system/core/Exceptions.php:185)
Filename: helpers/url_helper.php
Line Number: 542

Does anyone know how to solve this, probably a mistake made by myself but can't find out what the problem might be.


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2019 MyBB Group.