+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: For CI 3.1.6: Seeking very simple login system, no DB, good example code (/showthread.php?tid=69080)
For CI 3.1.6: Seeking very simple login system, no DB, good example code - hen3ry - 10-04-2017
For CI 3.1.6: Seeking very simple login system, no DB, good example code
I'm converting a legacy site to CI... It has an old, creaky, unreliable generic php login system, with "remember me". Which I'd like to replace with a new, reliable, CI-integrated, package also with "remember me".
The site will never have more than about 5 registered users. The access restriction applicable to each page: none (public) -- restricted -- webmaster-only. Each registered user has one of two privilege levels.
For simplicity and portability I'd like to do this without a database. (For my minimal requirements a DB seems like huge overkill.) Also, don't need a registration system -- I can maintain the credentials manually. They don't change very often.
I've found about two dozen auth bolt-ons for CI, but almost all of them require a DB. Some of the products don't seem very current, which is a bit worrying. CI 4 is on the horizon...
And: most of the docs I've found are pretty abstract -- I can't actually see how the auth system is used in concrete terms. (Yeah, my CI skills are not the greatest.) As I'm fully loaded with other details of conversion -- not to mention a serious back-up in the incoming content stream -- I need a simple, representative implementation example to work from.
Fallback: I'll use a DB if I must, as long as the requirements above are met.
TIA
RE: For CI 3.1.6: Seeking very simple login system, no DB, good example code - InsiteFX - 10-05-2017
Without a DB it will not be secure!
RE: For CI 3.1.6: Seeking very simple login system, no DB, good example code - Kaosweaver - 10-05-2017
If you intend to manage the login credentials manually, you could just setup an array of them in the config file.
like in config.php
PHP Code:
$config['insecure_logins'] = array("username1"=>"password","username2"=>"password",...)
Then make your login page (form with username and password) post it to a controller and check the config login array to see if it matches.
Of course, you should secure the passwords with something and you should have a brute force detection.
I'd take the time to get one of the authentication systems and use them so you learn how to setup a legitimate authentication system so the next time you actually need something robust, you'll already know one and know how to do it.