Ion Auth - Lightweight Auth System based on Redux Auth 2

[eluser]Ben Edmunds[/eluser]
rickyracoon,

Sorry, I didn't completely understand what you were saying. It definitely isn't the easiest change and it's been that way since the beginning with Redux 1.0.

[eluser]Ben Edmunds[/eluser]
Marco,

It makes perfect sense. Right now the best way is to always keep the user object is a (semi) global variable that you can access from all of you're controllers through a MY_Controller or similar.

I have some plans for an updated group of methods that will solve the optimization issues, add more logical and OOP style methods and add a bunch of needed features but haven't had time to write them all yet. Just know that they are coming soon.

The meta update issue will also be fixed in the new update method.


Sorry I can't give you any kind of timeline ATM though as my life is crazy busy right now.

[eluser]rickyracoon[/eluser]
Ben, thanks for the reply. I actually was able to change the functionality to require unique email AND userid, and allow login via either. Not sure if there is demand for this but I think its an awesome feature. I'd be happy to share if you or anyone else is interested...but I haven't implemented it in a way that allows you to choose between this scheme and the original scheme via config file. Its sort of hard-coded to meet my needs but I could put some more time into making it a config option if people are interested.

Another question:

Is there a way for regular php pages outside of the Codeigniter directories to check if a user is signed in?? I'm encrypting cookies and storing session data in database for increased security - so I'm not sure if there is an easy way to sniff and find out if the user is signed in outside of the CI scope. Or perhaps there is a way to load the CI scope into a regular PHP page? Any thoughts on this would be appreciated.

[eluser]Paul Huu[/eluser]
Hi Ben, I'm new to CI so please bear with me and my problem:

I am able to view mysite.com/auth, where I am redirected to 'auth/login.' After I submit the form with "admin@admin.com" & "password" I get redirected to the same page.

Digging a little, I found that $this->form_validation->run() returns false. I hardcoded some changes to get the example account to login, but then the is_admin() function returns false. =/ What can I do to further troubleshoot?

Code:

function login()
    {
        $this->data['title'] = "Login";
        
        //validate form input
        $this->form_validation->set_rules('email', 'Email Address', 'required|valid_email');
        $this->form_validation->set_rules('password', 'Password', 'required');

        if ($this->form_validation->run() == true) { //check to see if the user is logging in
            //check for "remember me"

[eluser]Ben Edmunds[/eluser]
rickyracoon,

Awesome, if you write it with config options and fork the github repo there's a good chance it'll get integrated into the library.

There are way to import CI libraries and to read the DB sessions. For the DB sessions outside of CI you can just read through the CI library and see how they select the session and then duplicate that logic.

[eluser]Ben Edmunds[/eluser]
Paul Huu,

You should figure out why validation is failing. Are you inputting invalid data?

[eluser]Lucas Alves[/eluser]
Hi, I found a problem (at least, for my app, it was a problem ) with loginr function (in the ion_auth_model).

If an user choose "remember me" and the really bad administrator deactivate his account, he still can do auto login. The solution I found is just to put "->where('active', 1)" in the select query at line 930. I know I could just use an _extra_where, but I think it's more secure doing this way.

Code:

$query = $this->db->select($this->identity_column.', id, group_id')
->where($this->identity_column, get_cookie('identity'))
->where('remember_code', get_cookie('remember_code'))
->where('active', 1)
->limit(1)
->get($this->tables['users']);

I made another modification, I'm using ci encrypt class to protect the identity and remember_code cookies' values. Maybe it's excess protection, but, I think this couldn't be exposed.

It's a really good library, I was using a modified (by me) version of redux_auth, but I really liked this lib. Now I'm modifying a little this lib to works with my app, but it was so well structured that I almost have nothing to modify :cheese: .

Congratulations, and thanks for the lib.

[eluser]Ben Edmunds[/eluser]
Lucas Alves,

The remember change makes sense. Can you fork and do a pull request please.

The identity cookie isn't really a big deal but I'm going to be changing the remember code cookie soon to be more secure.


Thanks!

[eluser]Lucas Alves[/eluser]
Unfortunately the firewall from my company blocks Github.

[eluser]design_shuffle[/eluser]
Hi, I have just found your library and It works great on my app.

I have setup 3 user groups..

Admin
Members
Media Partners

Would it be possible to redirect each user group to their unique dashboard area rather than the home page?

e.g.


admins log in and are redirected to => /admin/dashboard/
members log in and are redirected to => /users/dashboard/
media partners log in and are redirected to => /media-info/dashboard/


How would I go about this in my auth controller?

Thanks, Dan