Auth

[eluser]ibnclaudius[/eluser]
I'm coding an auth library, just for practicing...

I'd like you guys to help me improve it... I haven't tested it yet, I'm just asking to improve the logic, security etc.

And how do I implement the CSRF codeigniter? I didnt understand this part from the user guide, just use form_open()? I didnt understand this very well..

the library:
http://pastebin.com/B2dP3ktC

the model:
http://pastebin.com/ejDeCFEd

Thanks in advance!

[eluser]solid9[/eluser]
Why reinvent the wheel?
There are Authentication library for this already.

[eluser]ibnclaudius[/eluser]
It's just for practicing, improve my skills, exercise..

[eluser]solid9[/eluser]
Well you can get an idea here,
http://benedmunds.com/ion_auth/

Go ahead if you want to practice your skills.

[eluser]ibnclaudius[/eluser]
Thanks!

[eluser]Rok Biderman[/eluser]
You're putting clear text passwords into a table. This is an absolute nono. Also, you're not encrypting cookie values. Not trying to be harsh, but you need to read more about it or it's going to be inherently unsafe to use. Start here and here

[eluser]ibnclaudius[/eluser]
Made some changes, check it out.

I'm with some doubts about reseting the user password. I want to send an email to the user with a reset link. I select the email that has the $value associated, put in a flash session, so that I can use it later, and than delete it. Am I doing it right?

And I'm also with doubts about how use CSRF protection.

library:
http://pastebin.com/k9trs2iS

model:
http://pastebin.com/KKU8icBq