ErkanaAuth 2.0a Release
#1

[eluser]Michael Wales[/eluser]
In November 07 I released the first version of ErkanaAuth. It saw a pretty decent amount of success due to its ease of use and how it still left you in control of much of the authentication process. Alas, that code has been lost in the sands of time for a while now.

I've been working on a pretty large personal project lately and decided to abstract out the authentication into a library of its own. This is very early alpha but I thought I would share with everyone and start gathering opinions and feature requests.

Check it out at http://www.michaelwales.com/2010/02/erka...sion-2-0a/ and let me know what you think.
#2

[eluser]phpserver[/eluser]
Really good features, I like it. Here is what I was thinking: is it possible to protect the whole controller instead of only one function?
#3

[eluser]SitesByJoe[/eluser]
I look forward to digging through this as I use your older ErkanaAuth library now!
#4

[eluser]vecima[/eluser]
I'm not sure what direction Michael is planning on taking ErkanaAuth 2.0 in, so this may not fit with his plans, but I figured I'd share anyway.

- I implemented a get_identifier method to return the email or username (whichever you used to set it up).
- I implemented a change_password method to allow a user to change their password.

Notes:
- The change_password method uses the get_identifier method, so if you only want the change_password method, be aware that you'll need to replace the get_identifier calls.
- I tried to keep the ErkanaAuth code style so as not to confuse anyone.
- You should be able to put these methods into the ErkanaAuth class, but I didn't test it in that fashion. I have a library called Auth_wrapper that loads ErkanaAuth, and I put these methods in my wrapper.
- If you use a wrapper as I did, you may need to make a change in the ErkanaAuth library. The change is in the validate_login method near the top. After the if check for the Account class:
Code:
if (!class_exists('Account')) {
    $this->CI->load->model('account');
}

Right after that if check, add another one for the CI_Session class:
Code:
if (!class_exists('CI_Session')) {
    $this->CI->load->library('session');
}

The following is the code for the methods.

get_identifier
Code:
    // get_identifier()
    // Checks the session for required data then returns
    // the identifier (username / email) of the user
    function get_identifier($identifier = 'email') {
        if (!class_exists('CI_Session')) {
            $this->CI->load->library('session');
        }
        
        // Check if there is any session data we can use
        if ($this->CI->session->userdata('user_id') && $this->CI->session->userdata('user_token')) {
            if (!class_exists('Account')) {
                $this->CI->load->model('account');
            }
            
            // Get a user account via the Account model
            $account = $this->CI->account->get($this->CI->session->userdata('user_id'));
            if ($account !== FALSE) {
                if (!function_exists('dohash')) {
                    $this->CI->load->helper('security');
                }
                
                // Ensure user_token is still equivalent to the SHA1 of the user_id and password_hash
                if (dohash($this->CI->session->userdata('user_id') . $account->password_hash) === $this->CI->session->userdata('user_token')) {
                    if ($identifier == 'username') {
                        return $account->username;
                    } else {
                        return $account->email;
                    }
                }
            }
        }
        
        return FALSE;
    }

change_password
Code:
    // change_password()
    // Attempts to change a user password
    function change_password($identifier = 'username') {
        if (!class_exists('CI_Form_validation')) {
            $this->CI->load->library('form_validation');
        }
        
        $this->CI->form_validation->set_rules('password', 'password', 'required|matches[passwordconf]');
        $this->CI->form_validation->set_rules('passwordconf', 'password confirmation', 'required');
    
    
        if ($this->CI->form_validation->run()) {
            if (!class_exists('Account')) {
                $this->CI->load->model('account');
            }
            
            // Resolve the logged-in user's identifier once; FALSE means there is no valid session
            $current = $this->get_identifier($identifier);
            $account = ($current === FALSE) ? NULL : $this->CI->account->get_by(array($identifier => $current));
            if ($account === NULL) {
                $this->errors[] = 'The account was not found';
            } else {
                $salt = $this->CI->erkana_auth->_generate_salt();
                
                if (!function_exists('dohash')) {
                    $this->CI->load->helper('security');
                }
                
                // New salt and salted hash of the submitted password
                $account = array(
                    $identifier        => $current,
                    'salt'            => $salt,
                    'password_hash'    => dohash($salt . $this->CI->input->post('password')));
                
                $this->CI->db->where($identifier, $account[$identifier]);
                return $this->CI->db->update('accounts', $account);
            }
        }
        
        foreach ($this->CI->form_validation->_error_array as $error) {
            $this->errors[] = $error;
        }
        
        return FALSE;
    }

hope this helps someone!
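
An added example, not part of the original post or of ErkanaAuth: because get_identifier accepts a session only while user_token equals the SHA1 of user_id and password_hash, a successful change_password invalidates every token issued before it, including the one held by the session that made the change. The function names, the sample account and the use of random_bytes() in place of _generate_salt() are assumptions made for this standalone sketch (plain PHP 7+, no CodeIgniter).

```php
<?php
// Added illustration; hypothetical helper names, not ErkanaAuth code.

// Same derivation the posted code checks: dohash(user_id . password_hash), SHA1.
function session_token($user_id, $password_hash) {
    return sha1($user_id . $password_hash);
}

// The session check from get_identifier(), with a constant-time comparison.
function session_is_valid(array $session, array $account) {
    if (empty($session['user_id']) || empty($session['user_token'])) {
        return false;
    }
    $expected = session_token($session['user_id'], $account['password_hash']);
    return hash_equals($expected, (string) $session['user_token']);
}

// Mirrors what change_password() writes: a new salt and a new salted hash.
function apply_password_change(array $account, $new_password) {
    $account['salt'] = bin2hex(random_bytes(8)); // stand-in for _generate_salt()
    $account['password_hash'] = sha1($account['salt'] . $new_password);
    return $account;
}

// Constructed sample account and a session issued at login.
$account = array('id' => 42, 'salt' => 'a1b2c3d4',
                 'password_hash' => sha1('a1b2c3d4' . 'old-password'));
$session = array('user_id' => 42,
                 'user_token' => session_token(42, $account['password_hash']));

echo "before change:  ";
var_dump(session_is_valid($session, $account));

// The stored hash changes, so the token held by the session goes stale.
$account = apply_password_change($account, 'new-password');
echo "after change:   ";
var_dump(session_is_valid($session, $account));

// To keep the current user logged in, re-issue the token from the new hash.
$session['user_token'] = session_token($session['user_id'], $account['password_hash']);
echo "after re-issue: ";
var_dump(session_is_valid($session, $account));
```

Sessions on other devices are not re-issued a token, so they fail the check on their next request.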



