[eluser]TheFuzzy0ne[/eluser]
[quote author="Nial" date="1236479330"]Also, TheFuzzy0ne, when you mention 'refreshing' user data, would that be (in my case) running the login (process_login) code for setting session data, inside the logged_in function, also?
Code:
$this->CI->session->set_userdata('logged_user', $username);
[/quote]
Whoops! Sorry, I missed that part. I created a fairly simple authentication/authorisation library that basically refreshes the userdata from the database automatically if they are logged in. If the account has been deactivated for whatever reason, the change affects them immediately (when they make their next request) and they are logged out. The login function checks that the account is active, and won't let them log in if it's not. The login process is not quite the same, but it does call on the same method, _set_userdata(), which is responsible for grabbing the data from the database, and putting it into the session data.
The only data that is refreshed at the moment, is the user's admin level (as it needs to reflect any changes such as promotions or demotions as soon as they happen). Everything else stays as-is. If the user's account has been disabled, then any data to do with the login only is removed, and thus they are logged out.
