+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Archived Discussions (https://forum.codeigniter.com/forumdisplay.php?fid=20)
+--- Forum: Archived Libraries & Helpers (https://forum.codeigniter.com/forumdisplay.php?fid=22)
+--- Thread: General ACL login system (FreakAuth vs. EzAuth vs. Erkana) (/showthread.php?tid=6279)
Pages:
1
2
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 02-20-2008
[eluser]mdg5w[/eluser]
So, I've spent the past 2 and a half weeks developing an intranet for my company with a calendaring system (which I would like to expand on in the future). It's all based on FreakAuth_Light 1.1 which I thought satisfied all my needs. However, my company has told me today that they would like the option on the login page to be able to either login as a "public" or "shared" computer which determines whether or not a cookie is placed on the computer, basically a "remember me" option.
Well, after going into FAL to modify the core I realized that the entire FAL sub-system is based on cookies, as in you can't log into the site without a cookie. So if the user doesn't select the "remember me" option and no cookie is placed on the computer then the user can't log in at all.
This was a major setback and the only solution I could offer was to create a "remember me" box so that the cookie either never expires or expires in a set time (maybe 30 minutes).
I have a few questions because this is the first login system that I have ever really done. First, do people not use sessions to record logins? What is standard in terms of login systems (sessions/cookies)? Is there any good material out there that explains good and bad practices?
It seems that I should be using sessions to record logins and using cookies as a "remember me" function. What should I do in my situation? And what platform should I use? FreakAuth, EzAuth, Erkana, or another system that I don't know of.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 02-21-2008
[eluser]Neophyte[/eluser]
even php sessions set a cookie (for the session id) unless you place the session id in the URL (which is more trouble than its worth imo) im not familiar with FAL but if you make it so when its a shared computer you dont set an expire for the cookie then the cookie will expire as soon as the user closes their browser window as per the php documentation for set_cookie()
Quote:If set to 0, or omitted, the cookie will expire at the end of the session (when the browser closes).
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 02-21-2008
[eluser]mdg5w[/eluser]
Thanks Noephyte. You're probably right about session ids in the URL being too much trouble. Setting the cookie to 0 makes sense.
Thanks again.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 02-22-2008
[eluser]danoph[/eluser]
You are in luck! The last release of EzAuth (0.6) has an auto-login function that was specifically designed for a "Remember Me" checkbox on a login form. You only have to call two methods to enable auto-login - a function to remember the user and a function to automatically login the user on page load.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-11-2008
[eluser]Jauhari[/eluser]
So? which one better?
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-11-2008
[eluser]nark3d[/eluser]
I could do with some help here too.
I really like the FAL structure and format, but I'd really like a "remember me" option on my sites.
Can this be easily adapted? Has anyone managed it before?
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-11-2008
[eluser]Michael Wales[/eluser]
ErkanaAuth doesn't support a "Remember Me" option directly out of the box - although it wouldn't be difficult to implement.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-12-2008
[eluser]Kemik[/eluser]
There isn't really a better one. It all depends on the project and how much out-of-the-box you need.
I personally used Erkana for my latest one because I only needed a simple solution.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-12-2008
[eluser]John Fuller[/eluser]
Here is another option. Build your own! By the time you have looked at all the other offerings, discussed the options on the forums, tried them out in a test and figured out how to use the library you choose then you could have probably built a kick ass login system to your exact specs.
Not like CodeIgniter is a PHP web developers framework or anything.
General ACL login system (FreakAuth vs. EzAuth vs. Erkana) - El Forum - 03-13-2008
[eluser]adamp1[/eluser]
I agree if there isn't one which provides exactly what you want, build your own. Dosn't take long and you then have a custom built library which you know fully how it works.