+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: External Resources (https://forum.codeigniter.com/forumdisplay.php?fid=7)
+--- Forum: Addins (https://forum.codeigniter.com/forumdisplay.php?fid=13)
+--- Thread: Community Auth with HMVC (/showthread.php?tid=66856)
Pages:
1
2
Community Auth with HMVC - koficypher - 12-11-2016
Hi,
Can anyone briefly or practical give me insight as to how community auth works with HMVC?
Thank alot!!
RE: Community Auth with HMVC - skunkbad - 12-11-2016
I tried looking for you, but somebody had successfully done this a while back (1+ years?). I don't think they gave the details, but it is supposedly possible.
There is this: https://www.youtube.com/watch?v=m0a1ldrnNKU , but I couldn't understand a thing they were saying.
RE: Community Auth with HMVC - koficypher - 12-11-2016
(12-11-2016, 12:20 PM)skunkbad Wrote: I tried looking for you, but somebody had successfully done this a while back (1+ years?). I don't think they gave the details, but it is supposedly possible.
There is this: https://www.youtube.com/watch?v=m0a1ldrnNKU , but I couldn't understand a thing they were saying.
Well thanks alot. Not all that helpful cos they were speaking in Hindu i guess and i could barely hear them let alone understand but it did give me insight on how they extended the MY_Controller class instead of the MX in the modules folder. Wont give up here tho will still try and find a way. Thanks alot !!
RE: Community Auth with HMVC - skunkbad - 12-11-2016
(12-11-2016, 01:48 PM)koficypher Wrote:(12-11-2016, 12:20 PM)skunkbad Wrote: I tried looking for you, but somebody had successfully done this a while back (1+ years?). I don't think they gave the details, but it is supposedly possible.
There is this: https://www.youtube.com/watch?v=m0a1ldrnNKU , but I couldn't understand a thing they were saying.
Well thanks alot. Not all that helpful cos they were speaking in Hindu i guess and i could barely hear them let alone understand but it did give me insight on how they extended the MY_Controller class instead of the MX in the modules folder. Wont give up here tho will still try and find a way. Thanks alot !!
I've been using Community Auth on a few websites over the years, one of which is almost 5 years in development. Hundreds of thousands of lines of code. I've never used HMVC. If you find that it's easy to implement, maybe you could make up some instructions, and I'll try it out. If it seems reliable, I could put a blog post about it on the Community Auth website.
RE: Community Auth with HMVC - koficypher - 12-11-2016
(12-11-2016, 03:25 PM)skunkbad Wrote:That'll be very great!! Thanks.(12-11-2016, 01:48 PM)koficypher Wrote:(12-11-2016, 12:20 PM)skunkbad Wrote: I tried looking for you, but somebody had successfully done this a while back (1+ years?). I don't think they gave the details, but it is supposedly possible.
There is this: https://www.youtube.com/watch?v=m0a1ldrnNKU , but I couldn't understand a thing they were saying.
Well thanks alot. Not all that helpful cos they were speaking in Hindu i guess and i could barely hear them let alone understand but it did give me insight on how they extended the MY_Controller class instead of the MX in the modules folder. Wont give up here tho will still try and find a way. Thanks alot !!
I've been using Community Auth on a few websites over the years, one of which is almost 5 years in development. Hundreds of thousands of lines of code. I've never used HMVC. If you find that it's easy to implement, maybe you could make up some instructions, and I'll try it out. If it seems reliable, I could put a blog post about it on the Community Auth website.
RE: Community Auth with HMVC - adrianmak - 01-12-2017
I'm using this hmvc extension in my ci project.
https://bitbucket.org/wiredesignz/codeigniter-modular-extensions-hmvc
does community auth package work wit it ?
As I glance thru it's documentation, it required controller to extend My_controller from community auth
However, my modules' controllers are extended MX_controller from the hmvc extension mentioned above.
RE: Community Auth with HMVC - skunkbad - 01-12-2017
(01-12-2017, 07:05 PM)adrianmak Wrote: I'm using this hmvc extension in my ci project.
https://bitbucket.org/wiredesignz/codeigniter-modular-extensions-hmvc
does community auth package work wit it ?
As I glance thru it's documentation, it required controller to extend My_controller from community auth
However, my modules' controllers are extended MX_controller from the hmvc extension mentioned above.
Since others have done it, it's certainly possible, but you'd have to figure it out on your own, or perhaps with the help of other Community Auth users. It's entirely possible that you could extend MX_controller. PHP OOP does allow you to extend multiple times, so if that's the only issue, I think you'll figure it out.
RE: Community Auth with HMVC - bpuig - 05-17-2017
I've managed to make it "work" having MY_Controller extend Auth_Controller and having Auth_controller extend MX_Controller. I've said "work" because I'm not able to make the session persist further than the time set on config variable sess_time_to_update.
I'm suspicious that the problem is radicated in the calling multiple times $this->require_min_level(X) set in various scripts through Modules:run('...'). I think this is the cause because if I just to the login and then use a simple page, without calling any module, my session persists longer than sess_time_to_update.
I'm testing right now, if I find a solution I'll post it here.
EDIT: After testing I found that this session log out happens when Controller_1 calls method Controller_2 via HMVC, buuuut, it does not happen if Controller_1 calls method in Controller_1 via HMVC. I'll keep testing.
RE: Community Auth with HMVC - bpuig - 05-17-2017
More info:
When session gets regenerated, in MY_Session sess_regenerate function, it saves the old session as $this->pre_regenerated_session_id and the new current session as $this->regenerated_session_id.
I had the script make logs of every step, this is what came out:
DOING LOGIN, login is made, page is shown OK
Code:
DEBUG - 2017-05-17 20:34:29 --> pre_regenerated_session_id:iijge1q335sdpqb6u7516isvr7porj3k
DEBUG - 2017-05-17 20:34:29 --> regenerated_session_id:85ldb11gpif6vvsh4mv07sfd4a6jopnl
DEBUG - 2017-05-17 20:34:29 --> Test MX_Controller Initialized
DEBUG - 2017-05-17 20:34:29 --> Encryption: Auto-configured driver 'openssl'.
DEBUG - 2017-05-17 20:34:29 --> regenerated_session_id Auth Model (check_login_status) is checking for :85ldb11gpif6vvsh4mv07sfd4a6jopnl
DEBUG - 2017-05-17 20:34:29 --> query: SELECT `u`.`username`, `u`.`email`, `u`.`auth_level`, `u`.`user_id`, `u`.`banned`
FROM `auth_users` `u`
JOIN `auth_sessions` `s` ON `u`.`user_id` = `s`.`user_id`
WHERE `s`.`user_id` = '2205615491'
AND `s`.`login_time` = '2017-05-17 20:34:22'
AND `s`.`id` = 'iijge1q335sdpqb6u7516isvr7porj3k'
LIMIT 1
DEBUG - 2017-05-17 20:34:29 --> ****ROWS******:1I have my sess_time_to_update set in 5 secs, to speed things up and see where it blows
Log after refreshing page in 5 secs I GET KICKED OUT
Code:
DEBUG - 2017-05-17 20:34:29 --> File loaded: ../modules/test_1/controllers/Test_1.php
DEBUG - 2017-05-17 20:34:29 --> Test_1 MX_Controller Initialized
DEBUG - 2017-05-17 20:34:29 --> regenerated_session_id auth model (check_login_status) is checking for null:85ldb11gpif6vvsh4mv07sfd4a6jopnl
DEBUG - 2017-05-17 20:34:29 --> query:SELECT `u`.`username`, `u`.`email`, `u`.`auth_level`, `u`.`user_id`, `u`.`banned`
FROM `auth_users` `u`
JOIN `auth_sessions` `s` ON `u`.`user_id` = `s`.`user_id`
WHERE `s`.`user_id` = '2205615491'
AND `s`.`login_time` = '2017-05-17 20:34:22'
AND `s`.`id` = 'iijge1q335sdpqb6u7516isvr7porj3k'
LIMIT 1
DEBUG - 2017-05-17 20:34:29 --> ****ROWS******:0What I found is that codeigniter is looking for the old session, but my database already has the new one. This is something I dont understand.
Something happened in the middle that I'm missing?
I'll keep looking, any help is appreciated
RE: Community Auth with HMVC - skunkbad - 05-17-2017
If you do a global search for "regenerated_session_id", you'll get a good idea of what is going on. Basically, it's through regenerated_session_id and pre_regenerated_session_id that we sync up the CI session with the auth_session record, ensuring that the auth is legit, and that the session is not dropped if the CI session is regenerated.
This is one of the trickier things to handle for auth, because not everyone is going to want to use database sessions, but the auth_sessions table is essential in ensuring that a session is indeed valid.
Perhaps a better way to handle sessions would be to force everyone to use database sessions, and then just merge the auth_sessions fields into ci_sessions. I just didn't feel like it was my place to force people to do that.
Since I don't use HMVC and don't want to spend the time to support it, you're on your own on this one, but it has been done. I think somebody has a youtube video on it, but it's in a foreign language so I can't tell you if it's good or not.