Tank Auth v1.0 (CI authentication library)

[eluser]Calavera[/eluser]

@calavera: Sorry, it's working perfectly here!

Your activation url must contains the user's id + hash key (.../auth/reset_password/userid/hashkey)

Compare these values with the ones in the db :
hash key should match > db > users > new_password_key
user's id should match > db > users > id

Thanks for the response. The userid and pass key are identified ok, I have echoed them in the page and it matches the db entry for the specified fields also.

What can it be ?

[eluser]gh0st[/eluser]
Although I enjoy using Tank_Auth, I'm finding it not very portable -- especially when it comes to Modular seperation.

I feel it needs:

+ Move all the hardcoded routing into a config file, that means all hardcoded links to controllers, views, etc.

In fact, I'm already doing this, its a pain in the ass as there is a lot of hardcoded links all over the place.

+ There needs to be User groups. Currently there aren't any.
+ I need to able to apply controller/method restrictions to Users and/or Groups. This would be nice to have.

+ Rather than having lots of disperate files all over the place, wouldn't it be easier to encapuslate the entire thing in a library?

[eluser]rip_pit[/eluser]
Maybe it's not the best coded CI app but it's very usefull as is! (i'm a bit new to CI)

i agree it would be stronger with users managment & ACL functionnalities (per user perms, groups perm).
But i can't complain because it saved me a lot of time, even if i had to modify it sometimes to feet my needs (like a master admin to manage all other users says add/remove).

i would be pleased to use your own tank_auth mod


@calavera: you should look into your apache & php errors logs file. I'm convinced you'll find clues there.

[eluser]Calavera[/eluser]
I don't know why this is happening... I have used this library for a couple of hours today, stored the login session in database but suddenly, without major changes to the code (not Tank auth code only), Tank auth is not able to store my login in database...it logs me in and after I refresh the browser, it requires auth again... If i check the remember me box, it does work but it works based on cookies not database...Any ideas ? I have config that points into using db for storing sessions...what can I check here to be ok ?

Thanks.

[eluser]rip_pit[/eluser]
Sorry i can't help.

did you look at the error logs ?

Try set debug = on in the config/DataBase.php file and config.php

Try a fresh install of CI+tankauth and see if it works in the same environnment.

[eluser]bogdan3l[/eluser]
Hello!

I have a problem and i need some help, please!

Why non-activated accounts are not deleted?

I set the user model to delete the non-activated account after 1 hour (3600) but with no results.

The activation email expire after 1 hour (60*60).

The login attempts are cleared after 1 hour but non-activated account not.

Sorry for my bad english and i appreciate any help.

Thank you!

[eluser]bogdan3l[/eluser]
Done it!

[eluser]rip_pit[/eluser]
[quote author="ci_the_best" date="1266024326"]Done it![/quote]
Happy you did it. If you successfully fix it, give your solution here. Maybe it'll help a next user

[eluser]gh0st[/eluser]
I have been customising TankAuth for my modular setup and am checking every link/functionality to ensure it is working.

The forgot password functionality doesn't even validate the person's details and you can just put any username (it doesn't even matter if it exists) and it will return a "success" view.

You should do the following:
+ Only allow email on the forgot password form
+ The email needs to be validated via an email callback to ensure the user exists

There are other occurances in other parts of Tank Auth where this happens, or a similar thing to it happens.

Please review Tank Auth and do the following:

+ Fully remove all hardcoded links and put it in a config file (I've had to do it myself in my build)
+ Check that the functionality actually works; if the forgot password functionality doesn't care about validating users -- what other functions do this too?

Thanks

[eluser]rip_pit[/eluser]
thank you for reporting the issues -i'm not in the tank_auth dev team -

I did my own bit of modifications EG. removing all inline "english" words and give them a translation item in the lang file.
I did translate some of the emails html/txt that were in english only.

There's some work to do with tank_auth (never noticed about the fail you talk about) but it's quite a good start for a users login system.

I wish we could put all of our work together and produce an optimised tank_auth ... sweet dream
Because everytime i apply optimisation to it, i already modded it to fit my need.
I'll try to keep it clean and share my work on it ASAP