[eluser]jedd[/eluser]
[quote author="koskoz" date="1249058456"]Yeah, but you add it to each controller that needs it, right?
So if you want to change something in your little piece of code you need to change it in every controller that uses it.[/quote]
I have a 1 or 2 line piece of code in my controllers, yes - but that code never changes. It simply calls a function that will come back if the user is logged in / is admin - or it redirects off to wherever it needs to go if they are not admin / not logged in.
So .. my Admin controller has this in its constructor:
Code:
if (! $this->_is_admin())
    redirect('/people/login');
In MY_Controller I have a couple of auth functions - _is_admin and the one I mentioned before, _ensure_authenticated_user. My _is_admin function looks like this:
Code:
function _is_admin ( ) {
    return ($this->session->userdata('admin')) ? TRUE : FALSE;
}
The session data is registered at login (authentication) time. So I could just have checks of the user data whenever I want to check if it's an admin, but having this function being in-directed through MY_Controller like this means I can, relatively easily, extend this to more complex admin-style (are they a moderator, a vice-admin, etc) checks in the future.
But any future change will always involve code changes .. otherwise it wouldn't be a change.
My point is that there's always a trade-off between complexity now versus complexity later.
With the problem you have cited with your code, are you setting userdata('logged_in') when the user is authenticated?
I wouldn't have it in the constructor of my MY_Controller - I'd separate it out (as I've done above) into a private function and then call it in each controller. That way you can have more control over which of your controllers need which level of authentication.
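The arrangement described in the post above, as an added example that is not the poster's code: auth helpers live in one base class and each controller calls the level it needs from its constructor. FakeSession, RedirectException, Base_Controller and _redirect are hypothetical stand-ins for CodeIgniter's session library, redirect() helper and MY_Controller so the flow runs offline (PHP 7+ CLI assumed); the strict `=== TRUE` comparison assumes login stores a boolean.

```php
<?php
// Added example. FakeSession and RedirectException are hypothetical stand-ins
// for CodeIgniter's session library and redirect() helper (PHP CLI, offline).
class RedirectException extends Exception {}

class FakeSession {
    private $data;
    public function __construct(array $data) { $this->data = $data; }
    // Like userdata(): returns FALSE when the key was never set.
    public function userdata($key) { return $this->data[$key] ?? FALSE; }
}

// Plays the part of MY_Controller: every auth decision lives here.
class Base_Controller {
    protected $session;
    public function __construct(FakeSession $session) { $this->session = $session; }
    // Stand-in for redirect(): it has to end the request, so it throws.
    protected function _redirect($uri) { throw new RedirectException($uri); }
    protected function _ensure_authenticated_user() {
        if ($this->session->userdata('logged_in') !== TRUE) {
            $this->_redirect('/people/login');
        }
    }
    // Assumes login stores a boolean TRUE; any other value is not an admin.
    protected function _is_admin() { return $this->session->userdata('admin') === TRUE; }
}

class Admin extends Base_Controller {
    public function __construct(FakeSession $session) {
        parent::__construct($session);
        $this->_ensure_authenticated_user();
        if (! $this->_is_admin()) {
            $this->_redirect('/people/login');
        }
    }
    public function index() { return 'admin panel'; }
}

// Constructed sessions: an admin, a normal member, an anonymous visitor.
$sessions = array(
    'admin'     => array('logged_in' => TRUE, 'admin' => TRUE),
    'member'    => array('logged_in' => TRUE, 'admin' => FALSE),
    'anonymous' => array(),
);
foreach ($sessions as $who => $data) {
    try {
        echo $who, ': ', (new Admin(new FakeSession($data)))->index(), "\n";
    } catch (RedirectException $e) {
        echo $who, ': redirected to ', $e->getMessage(), "\n";
    }
}
```

Because the check runs in the constructor and the redirect ends the request, no action method on Admin executes for a session that fails either test.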