Should you use authentication conditionals within a Model
#1

[eluser]roppa_uk[/eluser]
Should you use authentication conditionals within a Model, or should you do the authentication in the code that calls the model's functions? I want to make sure functions are protected, so that a user cannot overwrite someone else's data. However, having authentication in the model makes it very awkward for unit testing.

Thanks in advance!
#2

[eluser]Otemu[/eluser]
Hi,

Normally I have authentication on the model and return true or false depending on the results. Then depending on what I want to happen, I could redirect or display some sort of error message using controller/view.

If you're using the CodeIgniter Validation class, you could use a callback to authenticate first before proceeding further. I am not sure if any of these methods will help you with your unit testing, but just thought I'd provide my input :-)

Thought I'd better edit and add more, due to all the responses, as this now seems like a very bad response. The type of authentication I was referring to was when you're checking the database to log in a user. For example, you have a login form: first you run the validation (controller); if it passes, then check if the user exists (model) and return false or true; and then display whatever message on the view or redirect (controller).

Sorry, I kind of jumped ahead with the answer without giving it a more detailed answer like the other great responses below.

Anyway, at least it's all solved :-)
#3

[eluser]vitoco[/eluser]
NO... all the authentication conditionals must be in the controller or inside a hook.
#4

[eluser]roppa_uk[/eluser]
Thanks for the feedback, guys. Vitoco, what are the reasons behind not putting the authentication conditionals in the model? Even if the answer is nooby, it would be good to have bullet points for best practice. Cheers
#5

[eluser]vitoco[/eluser]
To me, models have functions that just handle raw data (CRUD) with certain parameters. On the other hand, if a user can access a certain function inside a model to set/retrieve data, it's up to the controller or hook to allow or restrict that call, and to verify that the info sent to that particular function is clean and permitted for that user.
#6

[eluser]roppa_uk[/eluser]
Great, that makes sense. A user will not have access to a model directly. Great. Thanks!
#7

[eluser]boltsabre[/eluser]
I know it's been answered but thought I'd chuck my 2 cents worth in as well.

I personally do all my authentication as early as possible, way before models are called. Why?

1. There is no point in wasting your server power doing a bunch of stuff (looping over arrays, loading libraries, config files, helpers, writing various variables into memory, loading your model, calling functions, etc.) only to have it finally get to the model and go "oh... you're not logged in, get out and go to the login screen" or whatever. If a whole controller is restricted, make the check in the constructor. If it's just one method that's restricted, make the very first line your check. If they shouldn't be there, get them out of there as quickly as possible. Which leads on to my next point.

2. It's a bit scary letting an unauthorised request get that far (into your model). On small to medium applications it's normally not a worry, but for bigger stuff it can leave security problems and/or cause unexpected behaviour/bugs. It's a bit like having a big castle and letting someone get over the moat, through the front gate, into the bailey and to the front door of the inner keep before a guard kicks them out. What if by some chance there was a little secret trap door somewhere in your castle that you've forgotten about? It's possible that they could get through that and into your inner keep and not even meet that one guard you've got. However, if you'd stopped them at the moat, they would never even have had the possibility to stumble upon that forgotten trap door.

3. And lastly, you're wasting your users' time. Redirect them ASAP for faster page loads. It's not going to be much, but it's one of those 1% things that can quickly add up if you're applying the same attention to the little details across the rest of your site/application.
#8

[eluser]roppa_uk[/eluser]
Thanks boltsabre, very in-depth reasoning. I have modified my model now, removing authentication from it. It has made it possible to test these functions in a standard way. Thanks all!
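The split the replies above settle on (#5 and #7: model does raw CRUD only, controller guards in its constructor and checks ownership before the call), shown as an added example that is not code from this thread or from CodeIgniter. It is plain PHP so it runs from the command line without the framework; the class names `Post_model` and `Posts`, the `$session` array standing in for session userdata, and the in-memory rows are all this example's own assumptions.

```php
<?php
// Added example (not from the thread): the model knows nothing about sessions,
// so it can be unit-tested on its own; the controller rejects anonymous
// requests in its constructor and checks ownership before any write, so a
// logged-in user cannot overwrite another user's record.

class Post_model
{
    // Constructed in-memory table standing in for the database.
    private array $rows = [
        1 => ['id' => 1, 'owner_id' => 10, 'body' => 'first post'],
        2 => ['id' => 2, 'owner_id' => 20, 'body' => 'second post'],
    ];

    public function get(int $id): ?array
    {
        return $this->rows[$id] ?? null;
    }

    // Takes the row id and new data only; it does not decide who may call it.
    public function update(int $id, string $body): bool
    {
        if (!isset($this->rows[$id])) {
            return false;
        }
        $this->rows[$id]['body'] = $body;
        return true;
    }
}

class NotAuthorised extends RuntimeException {}

class Posts
{
    private Post_model $model;
    private int $userId;

    // $session stands in for the framework's session userdata (assumption).
    public function __construct(Post_model $model, array $session)
    {
        // Whole-controller guard: reject before any model is touched.
        if (empty($session['user_id'])) {
            throw new NotAuthorised('not logged in');
        }
        $this->userId = (int) $session['user_id'];
        $this->model  = $model;
    }

    public function edit(int $id, string $body): bool
    {
        // The id comes from the request, so compare the row's owner to the
        // session user here, in the controller, before calling the model.
        $row = $this->model->get($id);
        if ($row === null || $row['owner_id'] !== $this->userId) {
            throw new NotAuthorised("user {$this->userId} may not edit post {$id}");
        }
        return $this->model->update($id, $body);
    }
}

// Explicit checks rather than assert(), which php.ini may disable.
function expect(bool $ok, string $what): void
{
    echo ($ok ? 'ok   ' : 'FAIL ') . $what . "\n";
}

// 1. The model is testable on its own, with no session at all.
$m = new Post_model();
expect($m->update(1, 'changed') === true, 'model updates an existing row');
expect($m->get(1)['body'] === 'changed', 'model persists the change');
expect($m->update(99, 'x') === false, 'model rejects an unknown id');

// 2. Anonymous request: stopped in the constructor, model never reached.
try {
    new Posts(new Post_model(), []);
    expect(false, 'anonymous request must not reach the controller');
} catch (NotAuthorised $e) {
    expect(true, 'anonymous request stopped: ' . $e->getMessage());
}

// 3. Logged-in user 10 may edit post 1 but not post 2 (owned by user 20).
$c = new Posts($m, ['user_id' => 10]);
expect($c->edit(1, 'mine') === true, 'owner may edit own post');
try {
    $c->edit(2, 'not mine');
    expect(false, 'cross-user write must be blocked');
} catch (NotAuthorised $e) {
    expect(true, 'cross-user write blocked: ' . $e->getMessage());
}
expect($m->get(2)['body'] === 'second post', 'other user\'s row untouched');
```

Run it with `php` on the command line; every line should print `ok`. The point to notice is that the first three checks exercise the model with no session object anywhere, which is exactly what made the original poster's functions untestable while the check lived inside the model.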