CodeIgniter Forums

Full Version: MY_Controller and login-authentication misunderstanding probably
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

El Forum

[eluser]blitzneo[/eluser]
Hi there, I tried, by reading every single post I found related to this, build an auth-login system.
So if I understood correctly:

I created a MY_Controller library:

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Auth_controller extends CI_Controller {

public $data; // creo $data apropiadamente.

public function __construct()
{
parent::__construct();

if ($this->session->userdata('logged_in') === TRUE)
{
redirect('site/index');
} else {
redirect('welcome/index');
}
}

}

then, a Login controller, extending this one

<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Login_controller extends Auth_controller {

public function index()
{
// check user
}

}

and then, the site controller, which can be seen only if the user is logged in, otherwise, it will be the welcome one.

so my question is:
Has site controller be written this way ?

class Site extends CI_Controller {
//...
}

or this way ?

class Site extends Auth_controller {
//...
}

I ask this because I am a bit lost, after logging a user and redirecting to the 'private' site things... Thanks a lot for your help, and sorry if I missed to read this in any other post :/

El Forum

[eluser]cideveloper[/eluser]
Do not make an Auth Controller. Make an auth library. Then make a MY_Controller that checks if the user is logged in by calling a method in your auth library. Extend all controllers that need to be protected with MY_Controller. Since you are starting off from the sounds of it I suggest using a pre-built auth library like ion auth. I use it extensively and only once in a while do I need to alter it.

El Forum

[eluser]InsiteFX[/eluser]
The MY_Controller can be named whatever your want for a Class name, but it must be saved with a filename of MY_Controller.php
in application/core/MY_Controller

InsiteFX

El Forum

[eluser]blitzneo[/eluser]
cideveloper yup, that's what I said =) I created a library called MY_Controller.php in application/core/My_Controller, like InsiteFX said.
My question is, if a user is already logged in, I think he/she shouldn't be able to see for example login, signup controllers again, soooo maybe that controllers should be not extended by that MY_Controller library, right ? Or just check if they are already logged in, redirect to the index ?
Maybe my last post wasn't clear enough, sorry.

El Forum

[eluser]skunkbad[/eluser]
[quote author="blitzneo" date="1307442466"]...Or just check if they are already logged in, redirect to the index ?[/quote]

Yes, but you don't necessarily have to redirect.

El Forum

[eluser]blitzneo[/eluser]
Hmmm I think I have it.. but..
having this:

<?php if ( ! defined(‘BASEPATH’)) exit(‘No direct script access allowed’);

class Auth_controller extends CI_Controller {

public function __construct()
{
parent::__construct();

if ($this->session->userdata(‘logged_in’) === TRUE)
{
//redirect(‘site/index’);
} else {
redirect(‘welcome/index’);
}
}
}

class Site extends Auth_controller {
public function index()
{
echo 'Logged';
}
}


if I type test.com/site/index, without logging in, it should redirect me to welcome/index, right ? Because it's not..

El Forum

[eluser]blitzneo[/eluser]
forgot to add the __construct... sorry