Ion Auth - Lightweight Auth System based on Redux Auth 2

[eluser]Phil Sturgeon[/eluser]
[quote author="GlennJ" date="1273690653"]Yeah, I do understand where you're coming from and I understand the pros and cons.

I think for a blog or CMS that would be fine, but security is paramount on this site and the users have absolutely nothing in common.

I'll have a think... ;-)

Cheers.[/quote]

As far as authentication goes, everybody is a user right? Everybody needs a login, everybody has an email.

I have done all sorts of crazy things with Ion Auth that a user auth system wouldn't handle, the best example being a multi-site, reseller account with public users, reseller customers (running the sites that the public users look at), resellers (managing the reseller custom accounts) and super-admins who manage the resellers.

These are all run off one "user" database and have groups.

Security here is clearly paramount, but as long as you code right there is no problems at all.

You could do this purely with groups, or you could have users, customers and admins as separate tables.

"users" would handle the basic data, then customers and admins would both have a user_id field and contain extra info.

Then just add a "type" enum('customer', 'admin') field to your database, and use the built-in hidden awesomeness that is:

Code:

$this->ion_auth->extra_where('type', 'customer');
$this->ion_auth->extra_set('type', 'customer');

This means any new users will be customers, and it will only look for customers on login.

Put that in global code like named base controllers and you are all set.