Ion Auth - Lightweight Auth System based on Redux Auth 2

[eluser]Random dude[/eluser]
Should we password protect models and not just controllers? Is that the newbest question ever?

[eluser]vivekh[/eluser]
Hi Ben,

Have a noob question. Just need a suggestion if Ion Auth would be suitable for my requirement. My site should have three types of users. A user, seller and the admin. So is it suitable for me to use Ion Auth or is it only suitable for one type of user and an admin. Do I need to make a lot of change if I use Ion Auth?

Thanks.

[eluser]Unknown[/eluser]
my bad .

has solved .. i did stupid thing XD

thanks for the library ben .

Regards,

[eluser]austintbiggs[/eluser]
I'm trying to keep my views organized into subfolders [views/auth, views/admin, etc..] and so I'm trying to get my "admin.php" controller to (I guess) "extend" ion auth; by simply calling it's functions and adding my own from a separate controller (dashboard.php). How would I do this without putting views/auth into views/dashboard?

Thanks.

[eluser]pelkin000[/eluser]
[quote author="joytopia" date="1270367536"]Happy Easter, Ben,

this morning - the session cookies expired over night – I got on two of three browsers these error messages:

Code:

A PHP Error was encountered

Severity: Notice

Message: Undefined property: Ion_auth_model::$ion_auth

Filename: models/ion_auth_model.php

Line Number: 844

Code:

A PHP Error was encountered

Severity: Notice

Message: Trying to get property of non-object

Filename: models/ion_auth_model.php

Line Number: 844

Code:

Ein Datenbankfehler ist aufgetreten

Error Number: 1064

Fehler in der SQL-Syntax. Bitte die korrekte Syntax im Handbuch nachschlagen bei 'id` = '8'' in Zeile 1

UPDATE `users` SET `last_login` = 1270340970 WHERE ` IS NULL AND `id` = '8'

I cannot figure out, why it's only in two of three browsers. This is a bit confusing.
In the two browsers (FireFox and Safari)I have all the three cookies. In the other one (Opera) I have only the session cookie.

Best regards
Bernd[/quote]

I am still having this problem. I am running PHP 5.2, CI 2.0, Ion Auth, Firephp and Uh Oh!

Code:

ErrorException [ Notice ]: Undefined property: Practice::$ion_auth

SYSDIR/core/Model.php [ 50 ]

45      * @access private
46      */
47     function __get($key)
48     {
49         $CI =& get_instance();
50         return $CI->$key;
51     }
52 }
53 // END Model Class
54
55 /* End of file Model.php */

This problem seems to creep in primarily when using IE7 (no issues with FF3, 4 or Chrome), though that doesn't make much sense to me.

Practice Controller:

Code:

class Practice extends CI_Controller {
    
    var $user;
    var $game;
    
    function __construct() {
        parent::__construct();
        
        // ION Auth
        $this->load->library('Ion_auth');
        $this->load->library('form_validation');
        $this->load->library('session');
        
        // Defaults
        $this->load->helper('url');
        $this->load->library('firephp');
        
        // Models
        //$this->load->model('Ion_auth_model');
        //$this->load->model('Player');
        $this->load->model('Practice_Game');

Anyone have any ideas? Ive made adjustments to some of the places in Ion_auth to do an isset check on ->_extra_where. Here is the line just before the final error:

Code:

APPPATH/models/ion_auth_model.php [ 966 ] » CI_Model->__get(arguments)

key ion_auth


961         {
962             return FALSE;
963         }
964
965         //get the user
966         if (isset($this->ion_auth->_extra_where))
967         {
968         $this->db->where($this->ion_auth->_extra_where);
969         }
970
971         $query = $this->db->select($this->identity_column.', id, group_id')

[eluser]pelkin000[/eluser]
A quick follow up - this problem seems to creep up when I attempt to access a page that is 'restricted' without first having gone to a non-restricted page on the same domain first. That is to say, if I open my browser and type in www.example.com/restricted - i get the error. But if I type in www.example.com/login and THEN (even if i dont log in properly) go to www.example.com/restricted it will either let me in or redirect me correctly (depending on if i actually logged in).

Hopefully that helps.

[eluser]idealws[/eluser]
First let me say thank you for the addition to CI. It is working well and saved me a lot of time.

My question is about the last login. I noticed that when I login it updates the last login as the current login which is fine except unless I am missing something, how do I get the actual last login for the current user?

To explain I think they know they are logging in right this minute and where they are logging in from. I believe the purpose of the last login would be to show the user when they or someone else had logged in before todays login.

Is there something I missed so I can show the last login before the users login is updated?

Hopes this makes since,

Regards,
Ray

[eluser]idealws[/eluser]
I didn't find what I was looking for so here is what I did in case there is someone else looking for the samething:

Modify the users table to be like so:

Code:

CREATE TABLE `tcs_users` (
  `id` mediumint(8) unsigned NOT NULL AUTO_INCREMENT,
  `group_id` mediumint(8) unsigned NOT NULL,
  `ip_address` char(16) NOT NULL,
  `username` varchar(15) NOT NULL,
  `password` varchar(40) NOT NULL,
  `salt` varchar(40) DEFAULT NULL,
  `email` varchar(100) NOT NULL,
  `activation_code` varchar(40) DEFAULT NULL,
  `forgotten_password_code` varchar(40) DEFAULT NULL,
  `remember_code` varchar(40) DEFAULT NULL,
  `created_on` int(11) unsigned NOT NULL,
  `last_login` int(11) unsigned DEFAULT NULL,
  `last_login_ip` varchar(20) DEFAULT NULL,
  `active` tinyint(1) unsigned DEFAULT NULL,
  PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=utf8;

Notice the addition of last_login_ip

I then modified the ion_auth_model.php file located in the models directory (there are two modifications made):

First change was with the login function lines 560-615:

Code:

/**
     * login
     *
     * @return bool
     * @author Mathew
     **/
    public function login($identity, $password, $remember=FALSE)
    {
        if (empty($identity) || empty($password) || !$this->identity_check($identity))
        {
        return FALSE;
        }

        $query = $this->db->select($this->identity_column.', id, password, group_id, last_login, ip_address')
                  ->where($this->identity_column, $identity)
                  ->where('active', 1)
                  ->where($this->ion_auth->_extra_where)
                  ->limit(1)
                  ->get($this->tables['users']);

        $result = $query->row();

        if ($query->num_rows() == 1)
        {
        $password = $this->hash_password_db($identity, $password);

        if ($result->password === $password)
        {

            $group_row = $this->db->select('name')->where('id', $result->group_id)->get($this->tables['groups'])->row();

            $session_data = array(
                    $this->identity_column => $result->{$this->identity_column},
                    'id'                   => $result->id, //kept for backwards compatibility
                    'user_id'              => $result->id, //everyone likes to overwrite id so we'll use user_id
                    'group_id'             => $result->group_id,
                    'group'                => $group_row->name,
                    'userlastlogin'        => $result->last_login,
                    'userlastloginip'      => $this->session->userdata('ip_address')
                     );

            $this->session->set_userdata($session_data);
                
            $this->update_last_login($result->id, $this->session->userdata('ip_address'));
        
            if ($remember && $this->config->item('remember_users', 'ion_auth'))
            {
            $this->remember_user($result->id);
            }

            return TRUE;
        }
        }

        return FALSE;
    }

Next I changed the update_last_login function lines 969-987:

Code:

/**
     * update_last_login
     *
     * @return bool
     * @author Ben Edmunds
     **/
    public function update_last_login($id,$lastloginip)
    {
        $this->load->helper('date');

        if (isset($this->ion_auth->_extra_where) && !empty($this->ion_auth->_extra_where))
        {
            $this->db->where($this->ion_auth->_extra_where);
        }

        $this->db->update($this->tables['users'], array('last_login' => now(), 'last_login_ip' => $lastloginip), array('id' => $id));

        return $this->db->affected_rows() == 1;
    }

Now the users last login will be available via session data like so:

Code:

echo $this->session->userdata('userlastlogin')
echo $this->session->userdata('userlastloginip')

Hope this helps. Might already be in there somewhere but I could not find it. This will allow you to print out the last login for this user not the current login.

Regards,
Ray

[eluser]austintbiggs[/eluser]
Will you be updating Ion Auth to fit the new CI_Controller / CI_Model and public / private functions?

instead of using

Code:

if ( ! class_exists('Controller'))
{
    class Controller extends CI_Controller {}
}

class Auth extends Controller {

    //redirect if needed, otherwise display the user list
    function index()
    {

using

Code:

class Auth extends CI_Controller {

    //redirect if needed, otherwise display the user list
    public function index()
    {

[eluser]Vanitas[/eluser]
Hi, for few days I'm playing with different auth libraries.

@EDIT
I used active records instead of ion auth functions and now works fine