Welcome Guest, Not a member yet? Register   Sign In
Appunto-Auth - Authorization and User Management Library
#1

(This post was last modified: 11-15-2014, 12:06 PM by bclinton.)

Hello!

I'd like to announce the release of Appunto-Auth, an Authorization and User Management Library for CodeIgniter 2.

Appunto-Auth is different than other authorization libraries in several ways.  First of all, it performs authorization in a hook before your controller functions are ever called, keeping your controller classes and functions free from repeated calls to authorization functions. 

It also implements a simple ACL with users, roles, and permissions.  Permissions can be assigned to your application paths, and these permissions are then granted to users, or to groups of users who share a common role.   It offers a rich administrative interface for the management of your users, roles, permissions and paths.

All of the visible text in the admin interface and in the system messages are drawn from language files so you can convert it to your native language.  It comes with a Portuguese language version and there is a demo of this version at the website.  You will find instructions for translating Appunto-Auth in the README.md file.   If you do translate Appunto-Auth, please send me the converted language files and I will include them in future releases.

Please stop by the website at http://appunto.net/appunto-auth/ and check it out.  There are several videos, including an introduction video and an installation walk-through video.  Both of these are around 7 minutes long.

The website also has two demo versions (English and Portuguese), a download link, and a link to the GitHub repository at https://github.com/BillClinton/Appunto-Auth .  Read the README.md at GitHub for more detailed information.

I welcome feedback.  Please let me know if you find any bugs, especially security issues, or if you have any suggestions for future improvements
Reply
#2

(This post was last modified: 01-05-2015, 09:12 PM by bclinton.)

Space reserved for version history, new issues and bugs, and plans for future releases.

Release History

Current version: 0.1.3
- added CSRF protection for admin interface
- fixed bug preventing CodeIgniter errors from being shown (would show 500 error instead of CodeIgniter message)

Previous releases:
0.1.2  (first public release)


Current Issues

- login page causes blank page error on systems without the --enable-short-tags option. Fixed in master and updated view available here: https://github.com/BillClinton/Appunto-A.../login.php
- tabbing between fields on forms in modal windows does not work in Firefox and IE (works in Chrome).  This is an ExtJS bug (EXTJS-15157) that has been addressed and will be fixed in Appunto-Auth when Sencha releases the next GPL version
- Trying to add a duplicate username shows a DB error for the unique key violation. This error should be intercepted and made user friendly.


Future Development

- add support for databases other than MySQL
- implement a version for CodeIgniter 3
Reply
#3

I tried installing appunto-auth 0.1.3 in codeigniter 2.2.0 running locally on XAMMP 1.8.2 on Windows 7 32bits. everything went smooth until the hooks part. When I enable Hooks and refresh the browser (firefox, IE, Chrome) I don't get any error, yet I dont see the login panel. When I disable the hooks from config.php, i am taken back to admin page.
Reply
#4

(12-29-2014, 04:26 AM)tads Wrote: I tried installing appunto-auth 0.1.3 in codeigniter 2.2.0 running locally on XAMMP 1.8.2 on Windows 7 32bits. everything went smooth until the hooks part. When I enable Hooks and refresh the browser (firefox, IE, Chrome) I don't get any error, yet I dont see the login panel. When I disable the hooks from config.php, i am taken back to admin page.

Thanks to Bill. Here is the solution, just in case there are someone like me...

On Xampp, it looks like the "php" is required in code tags in views.  It may be that the pages you are trying to access are marked as private (the default if you do not change them) and codeigniter is not rendering the login.php view correctly.

Try this, in views/appunto-auth/login.php:  change:

<? echo $site_name ?> to <?php echo $site_name ?>

and change

<? echo appunto_login_box($auth_message) ?> to <?php echo appunto_login_box($auth_message) ?>
Reply
#5

Hi BIll!
I was trying to use Appunto: after copying files, load the sql tables and enabling hooks, I can't reach the admin.
I removed the index.php in the url of my application with a .htaccess file like this

Code:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/system.*
RewriteRule ^(.*)$ index.php?/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.+)$ index.php?/$1 [L]
</IfModule>

As you suggest in the installation guide (and if I'm not misunderstanding) I added this condition
Code:
#RewriteCond $1 !^(index\.php|images|robots\.txt|resources)

and this rule. I'm using XAMPP all the files are in htdocs/MAGAZZINO_CI_3/
Code:
RewriteRule ^(.*)$ /MAGAZZINO_CI_3/index.php/$1 [L]

when I try to get this URL with hooks ENABLED I get this: "You have requested an invalid path."
if I DISABLE hook I get a blank page

Thanks for you wonderful Library and for your support
Reply
#6

(This post was last modified: 01-05-2015, 09:32 PM by bclinton.)

(01-05-2015, 10:23 AM)kleenex Wrote: when I try to get this URL with hooks ENABLED I get this: "You have requested an invalid path."
if I DISABLE hook I get a blank page

Thanks for you wonderful Library and for your support

When you enable the hook, Appunto-auth will look at every request and give you the "You have requested an invalid path." error for every path it does not know about.  This includes controller/function paths that do or do not exist.  This most commonly would come up when you create a new controller or a new function in a controller.

Before enabling hooks, go to the paths section in the admin interface.  This will search the filesystem for any new paths and store them in the database.  Appunto-Auth now knows about your application's paths.  You must also do this when developing with $config['enable_hooks'] set to true when you create a new controller, or alter your application's paths.

Paths will be marked private by default, so if you re-enable hooks at this point you will no longer see the "You have requested an invalid path" error, but you will be required to log in to see the page.  In the paths section of the admin interface, select a controller and right click on a path to make it public or assign it a permission.

I should be clearer about this in the documentation.  I'll update it soon.

~~~~~~~~

I believe the problem with a blank page when you try to view the admin interface may be the same issue tads was experiencing above.  This is fixed in master and you can copy this file https://github.com/BillClinton/Appunto-A.../login.php  to your application/views/appunto-auth directory to resolve it.

Let me know if that works for you or you have any other questions.

If it does not work for you, let me know the url you are using to access the admin interface.
Reply
#7

Thanks Bill.
I updated the login view and now I can access to the panel, keeping hooks disabled.

I followed the instructions of your video for the configuration.

When I go to "Paths" I get a pop-up with the message:

SERVER ERROR - error decoding the response sent by the server

In the paths I can see all my controllers, but I can't see Appunto controllers Ui and Users.

I repeat all the installation step you suggest, and I get the same response

Thanks again
Reply
#8

Does the same error appear again when you hit the refresh button at the bottom of the "Paths" page?

Try adding ini_set('display_errors', 1); to the top of your CodeIgniter index.php. Also, enabling logging in your CodeIgniter config.php and check out the error log to see if anything is going there.

I suspect some kind of server error, but it is difficult to say what it might be without the error message.
Reply
#9

(This post was last modified: 01-06-2015, 10:25 AM by bclinton.)

"error decoding the response sent by the server" occurs when the Javascript interface does not recognize the response sent from the server as valid JSON or a CodeIgniter error page. It would most commonly be caused by the server returning a blank page when there is an internal server error and PHP is not set to display errors.

If the above suggestion does not cause a more descriptive error message to be displayed in the browser or the error log, you can try this to see exactly what the server is sending:

Are you familiar with Chrome Developer Tools or the Mozilla Web Console? In either Chrome or Mozilla Firefox, bring up the "Paths" page. Right click somewhere in the page header and choose "Inspect Element". This will open the Chrome Developer Tools or the Mozilla Web Console. Click the "Network Tab" which shows requests made to the server. Hit the "Refresh" button on the paths page and you should see one or both of those requests come up in the Network tab of the Chrome Developer Tools or the Mozilla Web Console.

Most likely one of them is not returning 200 as the status... Maybe a 500 error? You can click the request in Chrome Developer Tools or the Mozilla Web Console to get more information. Look at the response. It should be JSON. Is it an error? Is it blank?
Reply
#10

(01-06-2015, 10:18 AM)bclinton Wrote: Does the same error appear again when you hit the refresh button at the bottom of the "Paths" page?

Yes it does

I try a new complete fresh installation of codeigniter in a new folder of htdocs of XAMPP: then I installed here Appunto and it seems to work! I can open Appunto admin and here I can list the paths as you described in your video tutorial.

So, the problem is mine Huh
(so, maybe now you can understand the reason of my nickname Wink )

PS: enabling logging in the fresh installation I only get this error:

Code:
ERROR - 2015-01-06 19:14:04 --> Severity: 8192  --> mysql_pconnect(): The mysql extension is deprecated and will be removed in the future: use mysqli or PDO instead /Applications/XAMPP/xamppfiles/htdocs/TEST/system/database/drivers/mysql/mysql_driver.php 91

thanks againg!
I hope to solve my problems and start using Appunto as soon as possible!
Reply




Theme © iAndrew 2016 - Forum software by © MyBB