CodeIgniter Forums
Advice for auth systems? - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Development (https://forum.codeigniter.com/forum-6.html)
+--- Forum: CodeIgniter 3.x (https://forum.codeigniter.com/forum-17.html)
+--- Thread: Advice for auth systems? (/thread-61908.html)



Advice for auth systems? - Gianluigi - 05-29-2015

Hi!

I did some research to find ready authentication systems, but many of these have broken links or are dated (and I don't know if there are better solution for security purposes, I'm new in CI).

So I try to ask you if you can tell me some ready systems that have these features:
- Security
- Sign up / Login (if possible, with js/jquery to do ajax check for forms)
- Secure remember me (encrypt cookies with browser / last request and others like that, or in any case some secure approach to make it safe)
- Session and user data on mysqli

And, if possible, also:
- Access level management
- Back-end management

Things like ajax will be good for me not only to have fast result, but because with a ready example (by secure source) I also can learn how-to implement also ajax requests with CI in a good way...

Thank you!


RE: Advice for auth systems? - roopunk - 05-31-2015

No trying to promote or anything but I created a kickstart repo for myself while freelancing. You might want to take a look : https://github.com/roopunk/CodeIgniter-Kickstart
It has basic user authentication out of the box and should come in handy in your situation


RE: Advice for auth systems? - Diederik - 05-31-2015

Hmm storing passwords as md5 is not realy considered secure...

I would recommend that you take a look at ion auth.


RE: Advice for auth systems? - kilishan - 05-31-2015

IonAuth is one of the most commonly recommended ones out there.

I've taken things a bit further in my own "kickstart", Sprint and am pretty proud of the Auth in there. You should be able to rip it out fairly easily. One of these days, I swear I'll make it a stand-alone lib, but haven't gotten there, yet.

- Sprint's Auth Code
- Sprint's Authentication Docs
- Sprint's Authorization Docs


RE: Advice for auth systems? - Gianluigi - 06-04-2015

Thank you all!

Start to try them.

@kilishan sorry but I've some problem to understand where to put your files.. Also, you talk about /application/config/auth.php file that not exists in the default CI folders. I must create it? Can you explain me where I must put all the files?

Thanks!


RE: Advice for auth systems? - kilishan - 06-04-2015

@Gianluigi no problem. I haven't tried pulling it out of Sprint to use in a plain CodeIgniter app before, but the steps should be something like the following. NOTE: You must have Composer working with the application. Also has a PHP 5.4+ requirement.

1. Copy the config/auth.php file from Sprint's code to your own.
2. Decide where you want to store the files. For this example, we'll store them under the third_party folder.
3. Edit the composer.json file to setup autoloading for the Myth namespace.

Code:
"autoload": {
    "psr-4": {
        "Myth\\": "application/third_party/"
    }
}

4. Copy Sprint's myth/Auth folder into your third_party folder.
5. at the CLI do "composer dump-autoload" just to make sure it can find it
6.In your controller, use the Myth\Auth\AuthTrait to add the convenience methods to your controller.

Oh - and I think this requires the Events package, also, so make sure to copy myth/Events folder into your third_party folder, and the events config file.

Migrations for the required tables are in the repo

You can also look at the Auth module for login, registration, forgot password implementation, etc.


RE: Advice for auth systems? - Gianluigi - 01-14-2016

(06-04-2015, 09:15 PM)kilishan Wrote: @Gianluigi no problem. I haven't tried pulling it out of Sprint to use in a plain CodeIgniter app before, but the steps should be something like the following. NOTE: You must have Composer working with the application. Also has a PHP 5.4+ requirement.

1. Copy the config/auth.php file from Sprint's code to your own.
2. Decide where you want to store the files. For this example, we'll store them under the third_party folder.
3. Edit the composer.json file to setup autoloading for the Myth namespace.

Code:
"autoload": {
    "psr-4": {
        "Myth\\": "application/third_party/"
    }
}

4. Copy Sprint's myth/Auth folder into your third_party folder.
5. at the CLI do "composer dump-autoload" just to make sure it can find it
6.In your controller, use the Myth\Auth\AuthTrait to add the convenience methods to your controller.

Oh - and I think this requires the Events package, also, so make sure to copy myth/Events folder into your third_party folder, and the events config file.

Migrations for the required tables are in the repo

You can also look at the Auth module for login, registration, forgot password implementation, etc.


Some news about stand alone package to avoid composer process?