my auth is secure?

i need a simple user login system for my first ci app. i have created some models and ... to login user, in login controller , i save username and user id is session :

Code:

$CI->session->set_userdata('username' , $user->get_username());
$CI->session->set_userdata('userid' , $user->get_id());

and logout :

Code:

function user_logout($redirect_uri = NULL){
    $CI = get_instance();
    $CI->session->unset_userdata('username');
    $CI->session->unset_userdata('userid');
    if($redirect_uri){
        redirect($redirect_uri);
    }

and when i need to know user is loged in, i check session for username and id,

and when i need user's info like email , roles ,... i create new object of user_model and load from database using userid (in session)

i set session encrypt and set crypt key in config and saving md5(password) in DB,

can you tell me this is right way for simple (but secure) login system?

ressan.ir
CI is nice