• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Working with Users


I'm getting started with CodeIgniter (trying to learn the MVC approach to program design, as well as trying to learn how to use a framework), and I want to create a simple application. The basic flow would be

1. Check if the user is authenticated.
2. If the user is not authenticated, display and process a login form.
3. If the user is authenticated, display a page and process some input.

I've managed to create the authentication code (step 2) and the input processing (step 3), but now I don't know how to go about step 1. I have two ideas, and I want to know if they are good, and how you would improve them.

The first idea is to create an Index controller which checks to see whether the user is authenticated, and, if he or she is, redirect the user to the controller for step 3. Otherwise, redirect the user to the authentication page. It seems simple enough. The only downside I can see is that I am writing a third controller and that when someone accesses the website, the first thing they get is a redirect (this is particularly painful for a mobile user).

The second idea is to load the controller I wrote for user authentication and have something like if the user is authenticated, redirect to the controller for step 3; otherwise, go to step 2 inside the constructor. This also seems simple, but I don't know if it is the right approach.

Any thoughts on this matter? I also don't want suggestions for authentication libraries, as I'm just trying to play with the framework, not create anything complex. Thanks in advance!

Having bunch of lines in EVERY controller constructor, not just about having ugly and un-maintainable code, but it's indeed break the OO rules itself.

Since this is an OO issues, there are one thing you shouldnt missed : Object Inheritance. In this case, you may consider to this :

1. Declare a "base" controller for each type of your controller.
2. Create some automatic procedure that separate your controller type.
3. Specify some global variable or function, so you (D)ont ®epeat (Y)ourself.

You can do that by creating MY_Controller.php, and put that into your 'core' folder inside application folder. I just will show you the idea...
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
/* This is the main Base Controller, a place for declare a global variable or some handy function */
class Base_Controller extends CI_Controller {
    protected $is_login;
    protected $other_important_globalvar;      
    public function __construct()
        // Declare your common class/library here, or in config/autoload.php
        // ... and so on

        // Here you can define the user state as a global variable
        // which accessible from all child controller which extends this class
        $this->is_login = (bool) $this->yourauthlib->is_login();
        // ... and so on

/* This is the main Public Controller, a parent controller for all public/accessible controller */
class Public_Controller extends Base_Controller {
    protected $var_public;
    public function __construct()
        // Here you can load additional class/library which common used by your public controller
        // You also can declare some common variable
        $this->var_public = 'foo';
/* This is the main Admin Controller, a parent controller for all controller which only accessible after user authenticated by system */
class Admin_Controller extends Base_Controller {
    protected $var_admin;
    public function __construct()
        // If user not authenticated, send them to login page
        $this->is_login == TRUE or redirect('login');
        // Here you can load additional class/library which common used by your admin controller
        // You also can declare some common variable
        $this->var_admin = 'bar';
Now, you can use above type of controller: you can extends from Public_Controller for all your accessible controller, and extends from Admin_Controller to the rest of your controller which need to authenticate user.

And since you already declare a global variable, like user authentification checks (it only run once) you doesn't need to repeat an authentification procedure and execute a library function everywhere in your controller to check user state, now you can use $this->is_login to determine that.

Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  

  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2021 MyBB Group.