Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Archived Discussions Archived Development & Programming Confused about HMVC and CMS seperation/integration
Confused about HMVC and CMS seperation/integration
  • El Forum
    Guest
  •  
#11
02-01-2010, 05:26 AM

[eluser]Fabdrol[/eluser]
@ghost,

It's a nice solution. But still, I would implement security using a sep. auth library to do the magic, that way you can keep it all onubstrusive. - if you need to change any part of your security model (like the way your password's are salted & hashed, or encrypted or whatever) you won't need to change all your code, you just change the lib.

It's easy to use with MY_Controller as well...

Code:
class MY_Controller extends Controller {
    public function Controller() {
        parent::Controller();
        
        $this->load->library('session');
        if ($this->auth->is_logged_in() == false) {
            redirect('sessions/login');
        }
    }
}

session controller:
Code:
class Sessions extends Controller {
    public function __construct() {
        parent::Controller();
    }

    public function login() {
        if($this->auth->is_logged_in() == false) {
            $this->load->view('authentication/login');
        } else {
            redirect('somewhere');
        }
    }

    public function do_login($sess_id) {
        if($this->auth->is_logged_in() == false) {
            if($this->session->userdata('session_id') != $sess_id) {
                // the session has timed out. try again.
                $this->load->view('authentication/timeout');
            }
        
            $username = $this->input->post('username', true);
            $password = $this->input->post('password', true);
        
            if($this->auth->login($username, $password) == false) {
                // check if username exists, if not the pass is wrong
                if($this->auth->username_exists($username) == false) {
                    $data['error'] = array(
                        'type' => 'USERNAME_DOESNT_EXIST',
                        'msg' => 'Your username doesn\'t exist. Please try again.'
                    );
                
                    $this->load->view('authentication/login', $data);
                } else {
                    // pass is wrong
                    $data['error'] = array(
                        'type' => 'WRONG_PASSWORD',
                        'msg' => 'Your password is incorrect. Please try again.'
                    );
                
                    $this->load->view('authentication/login', $data);
                }
            } else {
                // user logged in... redirect somewhere
                redirect('somewhere');
            }
        } else {
            // already logged in, redirect somewhere
            redirect('somewhere');
        }
    }

    public function logout() {
        if($this->auth->is_logged_in() == true) {
            if($this->auth->logout() == true) {
                // user is logged out.
                redirect('somewhere');
            } else {
                $data['error'] = array(
                    'type' => 'COULDNT_LOGOUT',
                    'msg' => 'Somehow, we couldn\'t logout. Please, try again.'
                );
            
                $this->load->view('authentication/error', $data);
            }
        } else {
            // your're not logged in.
            redirect('sessions/login');
        }
    }
}

Mostly code taken from one of my own projects, but not that hard to make. I recommend writing your own Auth library, there's very good ones out there (like tank_auth, see the wiki) but it's not as flexible as writing your own. Besides, if anything goes wrong.. you'd know what it is since it is your own code.

feel free to email me if you need any help creating a custom authentication library.

Fabian
fabian[at]dotbrilliance[dot]nl
  • El Forum
    Guest
  •  
#12
02-09-2010, 11:26 AM

[eluser]gh0st[/eluser]
Thanks for your help Fabian. There appears to be a lot of topics on the subject of making a Modular CMS using CodeIgniter; I suggest someone create a wiki for this, or summarize it in a sticky.

Thanks.
  • El Forum
    Guest
  •  
#13
02-09-2010, 07:03 PM

[eluser]ntheorist[/eluser]
i've tangled with this similar problem. One solution i've played with is creating admin_controller.php, and site_controller.php, both extending CI's Controller class, and then in your modules folder you'd have something like
Code:
modules/
        blog/
             controllers/
                     blog.admin.php <-- extends Admin_Controller
                     blog.site.php  <-- extends Site_Controller
             views/
                     admin/
                          navigation.php
                          content.php
                          etc..
                     site/
                          sidenav.php
                          post.php
                          categories.php
                          etc..

this way you can write whatever functionality you want in the Admin Controller Base Class that will interface with all your modules, Auth, Validation etc.. you may actually want to create an Interface class and enforce implementation by your module controllers. Anyway, there's a whole lot more organization involved of course but extending controllers is a good way to both allow for modular design and interface implementation. Of course you have to import your extended classes before you declare your module controller, ie
Code:
&lt;?php
include(APPPATH.'libraries/controllers/admin_controller.php');

class Blog_Admin_Controller extends Admin_Controller
{
    public function Blog_Admin_Controller()
    {
         parent::Admin_Controller();
    }

    // Write or override crud methods down here..
}
?&gt;

cheers,

n
  • El Forum
    Guest
  •  
#14
02-10-2010, 05:17 AM

[eluser]Phil Sturgeon[/eluser]
Here is a slightly more in-depth guide to making named Base Controllers with CodeIgniter I wrote up the other day.




Theme © iAndrew 2016 - Forum software by © MyBB