Ion Auth - Lightweight Auth System based on Redux Auth 2

Ion Auth - Lightweight Auth System based on Redux Auth 2 - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: Ion Auth - Lightweight Auth System based on Redux Auth 2 (/showthread.php?tid=27435)

Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-23-2010

[eluser]Ben Edmunds[/eluser]
davidjlynch,

You don't need to use a callback for this as you can't check the password since it is encrypted. The checl_login callback that I posted is the closet you can get to that.

If you reference the example controller I have on github though you can see the other way.

If you do it the way I did in the example controller you check to see if ion_auth->login returns true and if not display ion_auth->errors() with flashdata. You can do it either way and the result is the same. So if you want to stick with the way you're doing it use the check_login callback. I'll re-post it below:

Code:
/**

* Callback method used during login

* @access public

* @param str $email The Email address

* @return bool

*/

public function _check_login($email)

{

$remember = FALSE;

if ($this->input->post('remember') == 1)

{

$remember = TRUE;

}

if ($this->ion_auth->login($email, $this->input->post('password'), $remember))

{

return TRUE;

}

$this->form_validation->set_message('_check_login', $this->ion_auth->errors());

return FALSE;

}

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-24-2010

[eluser]ladooboy[/eluser]
Btw. The session and match user_agent is working now Smile

. I've also added some code to check if the email is already logged in, if it is remove the old session.

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-24-2010

[eluser]InsiteFX[/eluser]
Hi Ben,

If you add Captcha, please add a number Captcha also...

Thank you
InsiteFX

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-25-2010

[eluser]goldorak[/eluser]
First of all, thanks Ben for all the great work you have done with Phil and the Redux code.

A captcha would be a good idea, perhaps a simple math challenge Wink

I have two questions:

-. Behaviour: The login has no effect unless I check the remember me checkbox. I went on to check what was happening bit by bit. The setup locally is to use database sessions:

Code:
$config['sess_cookie_name']        = 'ci_session';

$config['sess_expiration']        = 7200;

$config['sess_encrypt_cookie']    = TRUE;

$config['sess_use_database']    = TRUE;

$config['sess_table_name']        = 'ci_sessions';

$config['sess_match_ip']        = FALSE;

$config['sess_match_useragent']    = TRUE;

$config['sess_time_to_update']     = 300;

and $config['encryption_key'] set to something 32 chars long as suggested (should be in the README).

Well, after checking the cookies in the browser, nothing weird was found. After checking the user_data column in the ci_sessions table I found out that the last words in the column were "<p>Sesi", which corresponds to the first 4 characters of Spanish translation for $lang['login_successful']

I have gone thru all the forums at codeigniter and Google and found nothing, but commenting the 363 line of libraries\Ion_auth.php to

Code:
//$this->set_message('login_successful');

gives no error because the message in the session is not set. Now I can login whether I click on remember me or not, but closing the browser and opening it again has the same behaviour whether I chose one or the other. Could someone reproduce this issue?

-. Along the issue above, the "remember me" checkbox seems to always return a value of 1 (which is always set) instead of using the checked value of that input. At controllers\auth.php I changed the following lines from:

Code:
if ($this->input->post('remember') == 1) {

                $remember = true;

            }

            else {

                $remember = false;

            }

to:

Code:
$urlsas=$this->input->post('remember');

            if (isset($urlsas[0])) {

                $remember = true;

            }

            else {

                $remember = false;

            }

and the code at \views\auth\login.php to

Code:
&lt;?php echo form_checkbox('remember[]', 'recuerda', FALSE);?&gt;

Would this be a better implementation?

And one weird issue:
If I change the default public function username_check($username = '') at ion_auth_model.php to the suggested code on page 25:

Code:
public function username_check($username)

    {

        if ($this->ion_auth->username_check($username))

        {

            $this->form_validation->set_message('username_check', 'The username "'.$username.'" already exists.');

            return FALSE;

        }

        else

        {

            return TRUE;

        }

    }

Apache.exe closes unexpectedly on windows when entering the correct email and password at http://localhost/ci/index.php/auth/login.

Great community here!

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-25-2010

[eluser]Ben Edmunds[/eluser]
goldorak,

I'll have to get back with you on the rest of this because I have to leave in a minute but the code for username_check isn't to replace the method in the library or model but to use as a form_validation callback in the controller. Don't change the library or model!

I'll get back to you on the rest of it soon or maybe someone else can in the mean time.

Thanks,

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-25-2010

[eluser]goldorak[/eluser]
Ok, I won't.

It is only to make the remember me issue work temporarily... until we find the definite solution.

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-25-2010

[eluser]Ben Edmunds[/eluser]
goldorak,

Change the controller all you need to, just not the library...

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-26-2010

[eluser]patie[/eluser]
Hi,

i use your excellent ion_auth library but i want increase security of my application.

1. Encryption_key in config file (sufficient to set up this key ? nothing more?)
2. Session database

any more ideas ?

THANKS so much

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-26-2010

[eluser]goldorak[/eluser]
Hi Ben, as I said before and haven't solved the issue yet, it is a temporary fix until we finde the solution, or else the login can only be done checking the "remember me" box

Ion Auth - Lightweight Auth System based on Redux Auth 2 - El Forum - 05-26-2010

[eluser]owls[/eluser]
Bernd,

Thanks for your fix for that extra_where issue. I was getting the same errors (in English, not Deutsch ;-) ). I'll let you know if I have any problems with it.