+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: token based Authentification with LDAP (/showthread.php?tid=66439)
token based Authentification with LDAP - SirTom - 10-22-2016
Hello everybody,
I hope, somebody can help me. For my past projects I always used Ion-Auth for the authentification. Now I start an new android webapp project. For the web-views I use Codeigniter and I want to implement the authentification with tokens. For this I get all user data from a ldap-server. The connection to the ldap-server works fine and I can authenticate direct by using sessions.
Now I want to connect the Webapp. For this I sent the user und password to the server and receive a json string (JWT):
PHP Code:
$user = $_POST['userl'];
$password = $_POST['password'];
// ldap authentification
$this->auth_ldap->login($user, $password);
$response = ...
echo json_encode($response); // token
The webapp will store the token in a sqlite database. Logout will clear the database.
For the view calls I alway check the token:
Code:
decode($_POST['token'], 'secret_server_key');Combined The workflow goes like
- The user calls authentication service, usually sending username and password.
- The authentication service responds with a signed JWT, which says who the user is.
- The user requests access to a secured service sending the token back.
- Security layer checks the signature on the token and if it's genuine the access is granted.
I hope, sombody can help me.
Thanks Thomas