Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter General Help Breaking login flow if already logged in with another session Codeigniter 3
Breaking login flow if already logged in with another session Codeigniter 3
  • Offline ThumbPacked
    Newbie
  • *
  • Posts: 1
    Threads: 1
    Joined: Jun 2020
    Reputation: 0
#1
06-20-2020, 12:46 AM

I am working on a codeigniter 3 app and ive recently implemented a session checker that deletes a user session if they're already logged in. Now we want a modal box to pop up if the user is already logged in with another session. I am able to get a modal box to pop up using a button but i want to implement it into the original flow of the login system. As it is the login form takes you straight to the validate login system. This is the login form now:
Code:
<form action="<?php echo site_url('login/validate_login/user'); ?>" method="post">
  <div class="content-box">
      <div class="basic-group">
          <div class="form-group">
              <label for="login-email"><span class="input-field-icon"><i class="fas fa-envelope"></i></span> <?php echo get_phrase('email'); ?>:</label>
              <input type="email" class="form-control" name = "email" id="login-email" placeholder="<?php echo get_phrase('email'); ?>" value="" required>
          </div>
          <div class="form-group">
              <label for="login-password"><span class="input-field-icon"><i class="fas fa-lock"></i></span> <?php echo get_phrase('password'); ?>:</label>
              <input type="password" class="form-control" name = "password" placeholder="<?php echo get_phrase('password'); ?>" value="" required>
          </div>
      </div>
  </div>
  <div class="content-update-box">
      <button type="submit" class="btn"><?php echo get_phrase('login'); ?></button>
  </div>
    <!-- Modal -->
  <div class="modal fade" id="login" role="dialog">
    <div class="modal-dialog">

      <!-- Modal content-->
      <div class="modal-content">
        <div class="modal-header">                               
          <h4 class="modal-title">You are already logged in</h4>
        </div>
        <div class="modal-body">
          <p>You are currently logged in on a different session on the site. Please note that if you continue, the existing session will be terminated. Please change your password if you suspect that your account has been conpromised.</p>
        </div>
        <div class="modal-footer">
          <button type="button" class="btn btn-default" data-dismiss="modal">Cancel Login</button>
          <button type="submit" class="btn"><?php echo get_phrase('login'); ?></button>
        </div>
      </div>

    </div>
  </div>
  <div class="forgot-pass text-center">
      <span><?php echo get_phrase('or'); ?></span>
      <a href="javascript::" onclick="toggoleForm('forgot_password')"><?php echo get_phrase('forgot_password'); ?></a>
  </div>
  <div class="account-have text-center">
      <?php echo get_phrase('do_not_have_an_account'); ?>? <a href="javascript::" onclick="toggoleForm('registration')"><?php echo get_phrase('sign_up'); ?></a>
  </div>
</form>

The button at the moment goes straight to this login function:

PHP Code:
public function validate_login($from "") {
        $email $this->input->post('email');
        $password $this->input->post('password');
        $credential = array('email' => $email'password' => sha1($password), 'status' => 1);

        // Checking login credential for admin
        $query $this->db->get_where('users'$credential);

        if ($query->num_rows() > 0) {
            $row $query->row();
            $this->session->set_userdata('user_id'$row->id);
            $this->session->set_userdata('role_id'$row->role_id);
            $this->session->set_userdata('role'get_user_role('user_role'$row->id));
            $this->session->set_userdata('name'$row->first_name.' '.$row->last_name);
            $this->delete_session_user_id();
            $this->session->set_flashdata('flash_message'get_phrase('welcome').' '.$row->first_name.' '.$row->last_name);
            if ($row->role_id == 1) {
                $this->session->set_userdata('admin_login''1');
                redirect(site_url('admin/dashboard'), 'refresh');
            }else if($row->role_id == 2){
                $this->session->set_userdata('user_login''1');
                $this->set_session_user_id();
                redirect(site_url('home/my_courses'), 'refresh');
            }
        }else {
            $this->session->set_flashdata('error_message',get_phrase('invalid_login_credentials'));
            redirect(site_url('home/login'), 'refresh');
        }
    

I created this function to pull the user id from an email:

PHP Code:
ublic function get_user_id($user_email "") {
        $this->db->select('id');
        $this->db->where('email'$user_email);
        $user_id=$this->db->get('users');
        return $user_id;
    
This function can get the user id based on the email supplied.

Then I use this function to check if there is a session and return [i]false[/i] if there are 0 results and [i]true[/i] if there is a session with that user id. So if its false they should be able to log in and the modal pop-up shouldn't open but if its true it should open.
PHP Code:
  public function user_has_session($user_id=''){
        $this->db->where('user_id',$user_id);
        $this->db->from('ci_sessions');
        $total=$this->db->count_all_results();
        if($total<0
            return false;
        else
            return true;
    
I think this is the best approach without having to redo the entire login flow. Perhaps someone can advise if this is the best approach or if in fact i should change the entire flow.
Thanks
Here is the previous problem I had which I have answered myself on stack overflow. It's related because this post shows my logic for the login sessions:
codeigniter 3 stop multiple logins using ci_sessions database
Thanks and regards
Zayd Bhyat
Reply




Theme © iAndrew 2016 - Forum software by © MyBB