Welcome Guest, Not a member yet? Register   Sign In
For CI 3.1.6: Seeking very simple login system, no DB, good example code
#1

For CI 3.1.6: Seeking very simple login system, no DB, good example code

I'm converting a legacy site to CI...  It has an old, creaky, unreliable generic php login system, with "remember me". Which I'd like to replace with a new, reliable, CI-integrated, package also with "remember me".

The site will never have more than about 5 registered users.  The access restriction applicable to each page:  none (public) -- restricted -- webmaster-only.  Each registered user has one of two privilege levels.  

For  simplicity and portability I'd like to do this without a database. (For my minimal requirements  a DB seems like huge overkill.)  Also, don't need a registration system -- I can maintain the credentials manually.  They don't change very often.

I've found about two dozen auth bolt-ons for CI, but almost all of them require a DB.  Some of the products don't seem very current, which is a bit worrying.   CI 4 is on the horizon...

And:  most of the docs I've found are pretty abstract -- I can't actually see how the auth system is used  in concrete terms.   (Yeah, my CI skills are not the greatest.) As I'm fully loaded with other details of conversion -- not to mention a serious back-up in the incoming content stream -- I need a simple, representative implementation example to work from.

Fallback:  I'll use a DB if I must, as long as the requirements above are met.

TIA
Reply
#2

Without a DB it will not be secure!
What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply
#3

If you intend to manage the login credentials manually, you could just setup an array of them in the config file.

like in config.php

PHP Code:
$config['insecure_logins'] = array("username1"=>"password","username2"=>"password",...) 

Then make your login page (form with username and password) post it to a controller and check the config login array to see if it matches.

Of course, you should secure the passwords with something and you should have a brute force detection.

I'd take the time to get one of the authentication systems and use them so you learn how to setup a legitimate authentication system so the next time you actually need something robust, you'll already know one and know how to do it.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB