CodeIgniter Forums
Authentication on CI4 - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: CodeIgniter 4 (https://forum.codeigniter.com/forum-28.html)
+--- Forum: CodeIgniter 4 Discussion (https://forum.codeigniter.com/forum-31.html)
+--- Thread: Authentication on CI4 (/thread-71674.html)



Authentication on CI4 - Poetawd - 09-12-2018

Hello Guys !

Great to hear about CI4 ! 

I am really excited about this one !!! Thank you very much for yout effort !

Just a simple question... because I am starting a new project and wanted to try CI4...

Is there a authentication library or helper that works with CI4 ?

THANK YOU VERY MUCH !


RE: Authentication on CI4 - skunkbad - 09-12-2018

Although no documentation and the CI4 adapter hasn't been started, I plan to make an adapter for https://bitbucket.org/skunkbad/php-universal-authentication

The problem is, at least last time I checked, Ci4 wasn't ready enough to start in on the adapter. I was waiting for the Encryption library to be done. If you've got good PHP skills, you can probably figure out the package and use it. There is a CI3 adapter that should help.

Honestly, if CI4 was done today, an adapter would only take a couple of hours to create.


RE: Authentication on CI4 - ciadmin - 09-12-2018

(09-12-2018, 09:32 AM)skunkbad Wrote: Although no documentation and the CI4 adapter hasn't been started, I plan to make an adapter for https://bitbucket.org/skunkbad/php-universal-authentication

The problem is, at least last time I checked, Ci4 wasn't ready enough to start in on the adapter. I was waiting for the Encryption library to be done. If you've got good PHP skills, you can probably figure out the package and use it. There is a CI3 adapter that should help.

Honestly, if CI4 was done today, an adapter would only take a couple of hours to create.

Encryption is not likely to be in CI4 ... we are recommending halite instead, as it does everything we wanted to do and then some, in a modern fashion.


RE: Authentication on CI4 - Poetawd - 09-12-2018

Thank you for the replies !

This probably isnt the place to ask... But... is CI4 ready enough for a production app ?

Thank you guys !

I am a huge fan of CI and this comunity ! I really think that CI4 will make CI shine like never before !


RE: Authentication on CI4 - ignitedcms - 09-12-2018

I think @kilishan is best suited to answer this one.


RE: Authentication on CI4 - kilishan - 09-12-2018

(09-12-2018, 11:08 AM)Poetawd Wrote: Thank you for the replies !

This probably isnt the place to ask... But... is CI4 ready enough for a production app ?

Thank you guys !

I am a huge fan of CI and this comunity ! I really think that CI4 will make CI shine like never before !

Well - it hasn't hit a final release yet, and is still an Alpha-product, though a number of people have said they are using it on sites. So - use at your own risk...

(09-12-2018, 11:22 AM)ignitedcms Wrote: I think @kilishan is best suited to answer this one.

I do have an in-progress auth library and the main authenticate/authorize stuff is in place, I believe, though it's definitely heavily under construction. It's the only CI4-specific package that I'm aware of at this time. There are plenty of framework-agnostic packages that could be adapted, like php-auth or Sentry.


RE: Authentication on CI4 - Poetawd - 09-13-2018

(09-12-2018, 01:17 PM)kilishan Wrote:
(09-12-2018, 11:08 AM)Poetawd Wrote: Thank you for the replies !

This probably isnt the place to ask... But... is CI4 ready enough for a production app ?

Thank you guys !

I am a huge fan of CI and this comunity ! I really think that CI4 will make CI shine like never before !

Well - it hasn't hit a final release yet, and is still an Alpha-product, though a number of people have said they are using it on sites. So - use at your own risk...

(09-12-2018, 11:22 AM)ignitedcms Wrote: I think @kilishan is best suited to answer this one.

I do have an in-progress auth library and the main authenticate/authorize stuff is in place, I believe, though it's definitely heavily under construction. It's the only CI4-specific package that I'm aware of at this time. There are plenty of framework-agnostic packages that could be adapted, like php-auth or Sentry.

Thank you very much for all your effort sir ! 

I am more concerned about security and performance ... 

I don´t really care about other bugs and incompatibility, I actually like those, I always learn from those...

Please allow me to reformulate my question:

Is CI4 safe and stable enough to be used in a production website ? 

I know that your answer will propably be the same, I am really sorry for this, but, is there anything you can add here ? 

Again, THANK YOU VERY MUCH for your effort towards this project and this comunity ! Please be aware that you have a huge fan here !


RE: Authentication on CI4 - skunkbad - 09-14-2018

(09-12-2018, 10:24 AM)ciadmin Wrote: Encryption is not likely to be in CI4 ... we are recommending halite instead, as it does everything we wanted to do and then some, in a modern fashion.

Actually, I'm not even sure why I thought I needed the encryption library. I think it was because I was going through the CI4 install process as described in documentation (possibly not yours) and it was telling me to set an encryption key for sessions. I checked out Halite and it looks good. Thanks for the link.


RE: Authentication on CI4 - ignitedcms - 09-15-2018

Depending what your web app does, you probably don't even need encryption. I only used it for saving an SMTP email password in the database, for extra security.


RE: Authentication on CI4 - skunkbad - 09-27-2018

I finally got a basic CI4 adapter working for PHP Universal Authentication. Haven't tested what happens when the session is regenerated, but don't have a reason to believe there's going to be show stopping problems. Currently, the dev-develop and dev-master branches are both the same. The only tag is a old tag, so not worth checking out.

UPDATE:

Staying logged in during/after a session ID regeneration has been tested and the basic CI4 adapter works fine.