Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums CodeIgniter 4 CodeIgniter 4 Support authentication
authentication
  • Offline Leo
    Member
  • ***
  • Posts: 108
    Threads: 11
    Joined: Jun 2017
    Reputation: 1
#6
04-16-2020, 01:37 PM
(This post was last modified: 04-16-2020, 01:47 PM by Leo.)

(04-16-2020, 11:01 AM)oh so does that mean its ok to verify the session in every controller that I require to protect from unauthorized user Wrote: like so:

class Def_nivel extends BaseController
{
  public function index()
  {
    if (isset($_SESSION['login_utiliz'])) {

      echo view('common/header');
      echo view('common/sidebar');
      echo view('definicoes_view/nivel');
      echo view('common/footer');
    } else {
      return redirect()->to(base_url('login'));
    }
  }

It can be. I usually make a function that checks if the user is logged in, in the BaseController.
Something like this: 

PHP Code:
class BaseController extends Controller
{
    /*
    All the default stuff in the base controller that comes with Codeigniter 4, like the comments and the
   initController function
    */
    protected function check_login(bool $kick truebool $show_404 false)
    {
         if(isset($_SESSION['login_utiliz']) {
            return true;
         } else {
            if($kick) {
                header('Location: /login');
                exit();
            }

            if($show_404) {
                throw \CodeIgniter\Exceptions\PageNotFoundException::forPageNotFound();
            }

            return false;
         }
    

This way you can call this function from any controller, like admin, or users, or home or whatever - and you can set what you want be done from there - quick and easy. Maybe you want them kicked to login screen, or show them 404 if its a sensitive administrator only page.

While a Login controller, PHS was talking about, handles the actual logging in part, (and maybe it can also have registration and user delete and other user related methods) THIS little function handles the actual CHECKING of being logged in.

Now you can just write one line from any controller to perform a check. Like this:
class Def_nivel extends BaseController
{
  public function index()
  {
      $this->check_login();
      echo view('common/header');
      echo view('common/sidebar');
      echo view('definicoes_view/nivel');
      echo view('common/footer');
  }
}

Much cleaner
You can see things I made with codeigniter here: itart.pro its not overly impressive as I have very little time to learn.
Reply


Messages In This Thread
authentication - by joseCarlos - 04-16-2020, 04:04 AM
RE: authentication - by Leo - 04-16-2020, 06:00 AM
RE: authentication - by joseCarlos - 04-16-2020, 06:26 AM
RE: authentication - by PHS - 04-16-2020, 10:46 AM
RE: authentication - by joseCarlos - 04-16-2020, 11:01 AM
RE: authentication - by Leo - 04-16-2020, 01:37 PM
RE: authentication - by joseCarlos - 04-16-2020, 02:37 PM



Theme © iAndrew 2016 - Forum software by © MyBB