Welcome Guest, Not a member yet? Register   Sign In
Authentication checking
#1

[eluser]someone Smile[/eluser]
Hello,

I'm going to write some little authentication for my news system, but I don't know how to check authentication from some other controller.

So I will write controller with name Authentication and I would like to check auth in other controller which is named Admin. To this controller can access only those who are logged in (for now, after I will create user groups) and nobody else. I have never used construct in my controller so I don't know what do I have to type in it to restrict access to non-users.

Thanks for help! :-)
#2

[eluser]InsiteFX[/eluser]
CodeIgniter Base Classes: Keeping it DRY
#3

[eluser]LuckyFella73[/eluser]
You could extend the CI_Controller with an Admin_Controller.
In your Admin_Controller construct you check for logged in
user. Then extend all controllers where access has to be restricted
with the Admin_Controller.

In application/core you would have:
Code:
// Admin_Controller.php

<?php

class Admin_Controller extends CI_Controller
{

function __construct()
{
  parent::__construct();
  
  // check for looged in user here
  // redirect if user is not logged
}
}

In your restricted controllers you would have:
Code:
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');

class Your_restricted_controller extends Admin_Controller {
function __construct()
{
  parent::__construct();
}
// more code here

I guess you need that in your config.php also:
Code:
// application/config/config.php

/*
| -------------------------------------------------------------------------
| Native spl_autoload_register() - by Kenneth Vogt
| -------------------------------------------------------------------------
|
| Here is an updated version of Phil Sturgeon’s code:
|
| Thanks to Phil Sturgeon and Kenneth Vogt.
|
| NOTE:
| Requires PHP 5.3.+
| As of CI 3.0 Dev - The constant EXT has been removed modified
| should work for all version of CI and PHP 5.3
|
| Place at the bottom of your ./application/config/config.php file.
| -------------------------------------------------------------------------
*/
spl_autoload_register(function($class)
{
if (strpos($class, 'CI_') !== 0)
{
  if (file_exists($file = APPPATH . 'core/' . $class . '.php'))
  {
   include $file;
  }
  elseif (file_exists($file = APPPATH . 'libraries/' . $class . '.php'))
  {
   include $file;
  }
}
});

Hope that makes sense to you
#4

[eluser]someone Smile[/eluser]
I understand this, but it make sense to create new Admin_Controller if I will use this "protection" on just one controller?
#5

[eluser]LuckyFella73[/eluser]
I set up all my projects having a MY_Controller, Admin_Controller and Frontend_Controller.
Maybe you need to check for logged in user in an other controller later then
you can just extend the new controller with Admin_Controller without much hassle.
It's no big deal to set it up that way from beginning so why not just do it?
#6

[eluser]JamieBarton[/eluser]
I'd create a MY_Controller.php file which contains perhaps:

Code:
public function is_logged_in() {
  return $this->auth->current_user();
}

Then you'd have in the auth library the logic behind that, that would check if the session existed for that for user, if not it would return FALSE.




Theme © iAndrew 2016 - Forum software by © MyBB