Authentication/Authroization Plugins?

[eluser]pbreit[/eluser]
I don't understand why the whole auth situation is so poor. There are hardly any apps worth building that don't have some sort of user auth/mgmt. And user auth/mgmt should be practically identical on most apps.

[eluser]Colin Williams[/eluser]
Understood or not, there aren't any signs that CI will have built in user-related functions any time soon. Any decision to use or not use CI should be made with this truth taken in full consideration.

[eluser]TheFuzzy0ne[/eluser]
That's exactly why CodeIgniter allows developers to add their own libraries and build on CodeIgniter. CodeIgniter is not PEAR - it's meant to be light way and fast. CodeIgniter is only meant to be a simple set of tools, that's all. As for auth, there are so many different libraries out there, all great, but none of which appeal to me. I think this highlights the fact that auth libraries are very different, and I doubt it's even possible to come up with any single solution that will work for everyone's situation.

- My 2 pence

[eluser]Tim Stackhouse[/eluser]
That's exactly why I chose CI for this project. There are a few things that are missing (a good ORM for one) but the flexibility that it gives more than makes up for it.

[eluser]jedd[/eluser]
[quote author="pbreit" date="1239703907"]I don't understand why the whole auth situation is so poor.[/quote]

I looked at DX Auth, and one or two others, and they seemed particularly competent. What's poor about the current arrangement?

There are hardly any apps worth building that don't have some sort of user auth/mgmt. And user auth/mgmt should be practically identical on most apps.

I disagree with both these opinions.

While there may be some basis for the assertion that many authentication systems share certain things in common - users have names, email addresses, passwords etc - the differences are substantial enough to make so many of the really good auth 'drop-in libraries' (eg. DX Auth) infeasible for so many users. There's just too much that they have to change in order to get a generic library to suit their needs, or to fit the rest of their app.

[eluser]pbreit[/eluser]
What sort of site would you build with CodeIgniter that doesn't have a login? Are the authentication differences legitimate or philosophical?

[eluser]TheFuzzy0ne[/eluser]
[quote author="pbreit" date="1239754254"]What sort of site would you build with CodeIgniter that doesn't have a login?[/quote]

A search engine.

[eluser]jedd[/eluser]
[quote author="pbreit" date="1239754254"]What sort of site would you build with CodeIgniter that doesn't have a login?[/quote]

Seriously? Lots of things don't need a login. A blog (if you don't want comments). A photo gallery (ditto). As Fuzzy points out, almost any kind of search engine. Any place, really, that you want to publish information but don't care about who reads it - or rather, who has different levels of access to it.

Are the authentication differences legitimate or philosophical?

Eh? I'm not the one complaining about a lack of a one-size-fits-none authentication engine bundled with CI .. so my differences are entirely pragmatic.

If you're in the habit of writing systems, and they were similar enough in auth requirements, then you'd just write your basic module and modify it as needed for each project. If you want something more sophisticated and don't have extant code (or particular habits) to modify, then you'd just grab one of the existing auth libraries and wrap your new code around it.

Given that option has always existed, and seems to work well for people in that situation, I'm unsure what the problem is.