Yet another login question

[eluser]airween[/eluser]
Hello everyone,

I'm new in CI, I see there are many question about login method, but I think those're too simple

So, what I want:
- there is an application
- it has many controller
- every controller needs authenticated session, except login and userreg

I don't want to include to constuctor of every controller's - I think it's dangerous, eg. I miss include it... Possible it would be better to route every query to login if it hasn't valid session, _and_ it's not login or userreg.

I've made this:

system/application/config/routes.php

Code:

session_start();
if (!isset($_SESSION['isAuthenticated']) || $_SESSION['isAuthenticated'] === false) {
    $route['^.*$'] = "login";
}

NB: this is not the final solution.

My questions:
- is it a "good" solution? How could you make it another way?
- this has no effect when default controller has loaded. Why?
- should I use another mode to start the session instead of session_start()? How can I use CI Session class? NB: it must be loaded in router, not in controller!
- how can I redirect instead of re-route the URL in router?


Thank you:


a.

[eluser]TheFuzzy0ne[/eluser]
That could just as easily be put into a custom controller method in MY_Controller.php. I don't understand fully why you don't. You could easily implement it so that you would never have to call it manually, although with that said, that's part of the development process. Forgetting to put a line of code in the constructor is like forgetting to put the wheels on a car, and in any case, just as with the car, it should be picked up on when you test your application. I religiously test any areas that require admin access, to ensure that it's working. Even if I did put the line of code into my constructor.

I think that calling session_start() might bust the way CodeIgniter handles sessions (assuming you're using it, and if not, why not?)