[eluser]Andy78[/eluser]
OK, I've created a basic registration and authentication controller and model. It seems to be working as I wanted so far, but is this the best way to go about authenticating the username and password using DataMapper? Look specifically at the validate_credential() function in the model. Also, I don't want to use DataMapper's own validation and would rather stick to CodeIgniter's standard validation. Here is my controller, then the model:
Code:
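/**
 * Login controller: shows the login and signup forms, checks submitted
 * credentials and creates new member accounts.
 *
 * NOTE(review): passwords are stored as sha1(salt . sha1(password)). SHA-1 is
 * a fast hash, so a leaked members table can be brute-forced cheaply. Moving
 * to password_hash()/password_verify() is the proper fix, but it has to be
 * done together with Member::validate_credential() and a migration of the
 * stored hashes, so the scheme is left unchanged here.
 */
class Login extends CI_Controller {

    /**
     * Render the login form inside the shared template.
     */
    public function index()
    {
        $data['main_content'] = 'login_form';
        $this->load->view('includes/template', $data);
    }

    /**
     * Check the posted username/password and, on success, mark the session
     * as logged in and redirect to the members area.
     */
    public function validate_credentials()
    {
        $username = $this->input->post('username');

        // The Member object carries the user-supplied values into the model,
        // which does the salted-hash comparison.
        $u = new Member();
        $u->username = $username;
        $u->password = $this->input->post('password');

        if ($u->validate_credential())
        {
            // NOTE(review): the session identifier is not rotated at this
            // privilege change, which leaves room for session fixation.
            // Regenerate it here with whatever the installed session library
            // provides before storing the login flag.
            $this->session->set_userdata(array(
                'username'     => $username,
                'is_logged_in' => true
            ));
            redirect('site/members_area');
        }
        else
        {
            // Generic message on purpose: it does not reveal whether the
            // username or the password was wrong. The original emitted a
            // closing </p> with no opening tag; the markup is now balanced.
            // NOTE(review): failed attempts are neither counted nor
            // throttled here.
            echo '<p>Did not work</p>';
        }
    }

    /**
     * Render the signup form inside the shared template.
     */
    public function signup()
    {
        $data['main_content'] = 'signup_form';
        $this->load->view('includes/template', $data);
    }

    /**
     * Validate the signup form and, if it passes, store a new Member with a
     * salted password hash.
     */
    public function create_member()
    {
        $this->load->library('form_validation');

        // field name, label, validation rules
        $this->form_validation->set_rules('first_name', 'Name', 'trim|required');
        $this->form_validation->set_rules('last_name', 'Last Name', 'trim|required');
        $this->form_validation->set_rules('email_address', 'Email Address', 'trim|required|valid_email');
        $this->form_validation->set_rules('username', 'Username', 'trim|required|min_length[4]');
        // No "trim" on the password fields: the rule rewrites the posted
        // value, so a password typed with surrounding whitespace would be
        // hashed trimmed here while validate_credentials() hashes it
        // untrimmed, and that user could never log in.
        $this->form_validation->set_rules('password', 'Password', 'required|min_length[4]|max_length[32]');
        $this->form_validation->set_rules('password2', 'Password Confirmation', 'required|matches[password]');

        if ($this->form_validation->run() === FALSE)
        {
            // NOTE(review): signup() renders this form through
            // includes/template, while this path loads the bare view;
            // confirm that is intended.
            $this->load->view('signup_form');
            return;
        }

        $user = new Member();
        $user->first_name    = $this->input->post('first_name');
        $user->last_name     = $this->input->post('last_name');
        $user->email_address = $this->input->post('email_address');
        $user->username      = $this->input->post('username');

        // Stored value is sha1(salt . sha1(password)); this must stay in step
        // with Member::validate_credential(), which rebuilds the same value.
        $salt = $user->unique_salt();
        $user->password = sha1($salt . sha1($this->input->post('password')));
        $user->salt = $salt;

        if ($user->save())
        {
            $data['main_content'] = 'signup_successful';
            $this->load->view('includes/template', $data);
        }
        else
        {
            // NOTE(review): error->string is echoed unescaped; presumably it
            // is generated by DataMapper. Verify it cannot carry raw user
            // input before relying on that.
            echo '<p>' . $user->error->string . '</p>';
        }
    }
}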
The model (datamapper model)
Code:
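/**
 * Member model (DataMapper): holds the account fields and the credential
 * check used by the Login controller.
 *
 * NOTE(review): the stored password is sha1(salt . sha1(password)). SHA-1 is
 * a fast hash and is not suitable for password storage; plan a migration to
 * password_hash()/password_verify(). The scheme is kept as-is here so that
 * existing rows and the signup code keep working.
 */
class Member extends DataMapper {

    // Optionally, don't include a constructor if you don't need one.
    function __construct($id = NULL)
    {
        parent::__construct($id);
    }

    // Optionally, you can add post model initialisation code
    function post_model_init($from_cache = FALSE)
    {
    }

    /**
     * Check $this->username / $this->password (plain text, as submitted)
     * against the stored salted hash.
     *
     * The record is fetched once by username and the hash is compared in
     * PHP, instead of looking the salt up and then running a second query
     * that matches on the password column.
     *
     * @return bool TRUE when the credentials match, FALSE otherwise (the
     *              'login' error message is set in that case).
     */
    function validate_credential()
    {
        $username = $this->username;
        $pword = sha1($this->password);

        // Load the stored record for this username.
        // NOTE(review): assumes usernames are unique; only the first
        // matching row is checked. Confirm there is a unique index.
        $stored = new Member();
        $stored->where('username', $username)->get();

        // Rebuild the hash even when no record was found (the salt is then
        // empty), so known and unknown usernames do the same hashing work.
        $candidate = sha1((string) $stored->salt . $pword);
        $expected = (string) $stored->password;

        $matched = FALSE;
        if ($stored->exists())
        {
            // Constant-time comparison where the runtime offers it.
            $matched = function_exists('hash_equals')
                ? hash_equals($expected, $candidate)
                : ($expected === $candidate);
        }

        if ($matched)
        {
            // Login succeeded
            return TRUE;
        }

        // Login failed: one message for both "no such user" and "wrong
        // password", so the response does not confirm which usernames exist.
        $this->error_message('login', 'username or password invalid');
        // restore username for login field
        $this->username = $username;
        return FALSE;
    }

    /**
     * Generate a 22-character hexadecimal salt.
     *
     * A cryptographically secure source is used when available. The
     * original sha1(mt_rand()) form could only ever produce as many salts
     * as mt_rand() has outputs and is predictable; it remains as the last
     * fallback so the method always returns a value of the same shape.
     *
     * @return string 22 lowercase hex characters
     */
    function unique_salt() {
        if (function_exists('random_bytes'))
        {
            try
            {
                return bin2hex(random_bytes(11));
            }
            catch (Exception $e)
            {
                // No secure source available; fall through to the next option.
            }
        }

        if (function_exists('openssl_random_pseudo_bytes'))
        {
            $bytes = openssl_random_pseudo_bytes(11);
            if ($bytes !== FALSE && strlen($bytes) === 11)
            {
                return bin2hex($bytes);
            }
        }

        return substr(sha1(mt_rand()), 0, 22);
    }
}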
/* End of file name.php */
/* Location: ./application/models/name.php */