Thanks kilishan!
It took some time but manage to make it work with your code
Code:
class MY_Security extends CI_Security
{
/**
* @var array Controllers to ignore during the CSRF cycle.
*
* If part of a module, the controller should be listed as:
* {module}/{controller}
*/
protected $ignored_controllers = array('authorization/signin');
/**
* The constructor
*
* @return void
*/
public function __construct()
{
parent::__construct();
}
/**
* Show CSRF Error
*
* Override the csrf_show_error method to improve the error message
*
* @return void
*/
public function csrf_show_error()
{
show_error('[Moru.my] The action you have requested is not allowed. You either do not have access, or your login session has expired and you need to sign in again.');
}
/**
* Verify Cross Site Request Forgery Protection
*
* Override the csrf_verify method to allow us to set controllers and
* modules to override.
*
* @return object Returns $this to allow method chaining
*/
public function csrf_verify()
{
$uri = $_SERVER['REQUEST_URI'];
$uri = explode("/", $uri);
$module = empty($uri[1]) ? "" : $uri[1];
$controller = empty($uri[2]) ? "" : $uri[2];
if ( ! empty($this->ignored_controllers)) {
$path = empty($module) ? $controller : "{$module}/{$controller}";
if (in_array($path, $this->ignored_controllers)) {
return $this;
}
}
return parent::csrf_verify();
}
}
Do let me know if there's any issue with the above code. For now its working!