For CI 3.1.6: Seeking very simple login system, no DB, good example code |
For CI 3.1.6: Seeking very simple login system, no DB, good example code
I'm converting a legacy site to CI... It has an old, creaky, unreliable generic php login system, with "remember me". Which I'd like to replace with a new, reliable, CI-integrated, package also with "remember me". The site will never have more than about 5 registered users. The access restriction applicable to each page: none (public) -- restricted -- webmaster-only. Each registered user has one of two privilege levels. For simplicity and portability I'd like to do this without a database. (For my minimal requirements a DB seems like huge overkill.) Also, don't need a registration system -- I can maintain the credentials manually. They don't change very often. I've found about two dozen auth bolt-ons for CI, but almost all of them require a DB. Some of the products don't seem very current, which is a bit worrying. CI 4 is on the horizon... And: most of the docs I've found are pretty abstract -- I can't actually see how the auth system is used in concrete terms. (Yeah, my CI skills are not the greatest.) As I'm fully loaded with other details of conversion -- not to mention a serious back-up in the incoming content stream -- I need a simple, representative implementation example to work from. Fallback: I'll use a DB if I must, as long as the requirements above are met. TIA
Without a DB it will not be secure!
What did you Try? What did you Get? What did you Expect?
Joined CodeIgniter Community 2009. ( Skype: insitfx )
If you intend to manage the login credentials manually, you could just setup an array of them in the config file.
like in config.php PHP Code: $config['insecure_logins'] = array("username1"=>"password","username2"=>"password",...) Then make your login page (form with username and password) post it to a controller and check the config login array to see if it matches. Of course, you should secure the passwords with something and you should have a brute force detection. I'd take the time to get one of the authentication systems and use them so you learn how to setup a legitimate authentication system so the next time you actually need something robust, you'll already know one and know how to do it. |
Welcome Guest, Not a member yet? Register Sign In |