Welcome Guest, Not a member yet? Register   Sign In
A3M vs. Ion Auth
#1
Question 

I'd like to know what's your opinion about these two authentication libraries.

I'm currently using A3M for a project and so far it's working fine. But from what I can see, it looks amateurish and I'm concerned about its security. I never used Ion Auth, but my first impression is it's made by someone that know what he's talking about.

So now I'm wondering if I should switch to Ion Auth or keep A3M. Or maybe switch to something else? Anybody have experience with A3M or Ion Auth? Are they robust enough?
Reply
#2

Ion Auth is what i use for all of my CI projects. It is clean, robust, easy to use, and easy to extend or change if needed.
Reply
#3

I use Ion Auth and its pretty easy to install and use. It could use some updates and cleanup but it's good at what it does.
Reply
#4

Thank you for your feedback!

Anybody had a bad experience like web site hacked, password stolen or other nasty things because of a flawed authentication library?

I had some bad experiences with a certain CMS I will not name, so I'm a little bit paranoid! Wink
Reply
#5

Well like you i had a very bad experience with a certain cms and continually getting hacked. But since i have moved on to my own CMS using CI and Ion Auth as my auth lib i have not had an issue with that. And have been using the two together for a while now.
Reply
#6

(11-27-2014, 03:27 AM)Hobbes Wrote: Well like you i had a very bad experience with a certain cms and continually getting hacked. But since i have moved on to my own CMS using CI and Ion Auth as my auth lib i have not had an issue with that. And have been using the two together for a while now.

Nice! That is reassuring! I also think there's more chance of being hacked when using a popular CMS. Once they find a security hole they can hack a whole bunch of website with a single script...
Reply
#7

I'm using A3M for a long time now, and have no problem with it security. Would recommend using A3M, as an easy start to a project for "user management" rather for authentication.
Reply
#8

(12-25-2014, 07:11 PM)RitterCox Wrote: I'm using A3M for a long time now, and have no problem with it security. Would recommend using A3M, as an easy start to a project for "user management" rather for authentication.

As one of the developers of A3M, I would say that this is probably the most accurate description. A3M is intended as a starting point to get quickly started with an application and cover the basics.

A3M is a good starting point, but still has a long way to go. The new version for CI3 will be dependent on HybridAuth for authentication which will allow to get users from many other points, but with it come problems that HybridAuth is struggling with. Also IonAuth has had many more people work on it and look at it then A3M so that makes it a bit better looking and more likely to have less possible issues.

If you are using A3M I would like to encourage you to submit fixes and improvements, thanks!
https://github.com/donjakobo/A3M/tree/ci3-beta
Reply
#9

If you need a simple ACL library for Codeigniter, without a database, you can use this one.
This is ideal for small sites that only have a few users ( basic client type sites );
I know it's not been updated for a while but nothing to update :-)
Just download or fork from github.
https://github.com/dollardad/CI-ACL

It should also be OK for CI 3, let me know if you have any problems.
Most things broken in our house was done by nobody, the rest was my fault anyway Huh
Reply
#10

i am also using ion auth its good but i am facing one problem with that after successful login if i try to access any link it redirect me to login page there is browser cache, session or cookie issue
Reply




Theme © iAndrew 2016 - Forum software by © MyBB