Redux Authentication 1.4a (24th July 2008)

[eluser]little brittle[/eluser]
I got HTML email working by switching over to the mail protocol since I can't get SMTP or sendmail working with redux_auth. I do have a couple other questions about the library.

Can we disable the question/secret answer part of registration? Ideally, I'd just like to send users a password reset email after they input their email address into a "forgot password" form.

Is there any way to limit new registrations to a certain domain or array of domains? For example, if I'm making a corporate intranet site, it would be nice to limit registrants to those with an official email address.

Is there a way to store a timestamp of the registration date?

[eluser]Fenix[/eluser]
I'm not sure if this is where I'm supposed to post support requests but...

If this is my admin dashboard controller, am I using logged_in() correctly? For starters, I need this page to only be accessible by people who are logged in. Secondly, I need to check for authorization for the particular page (that the user is an admin).

Code:

<?php
class Dashboard extends Controller
{
    function Dashboard()
    {
        parent::Controller();
        if(!$this->redux_auth->logged_in())
        {
            redirect('users/login','refresh');
        }
    }
    
    function index()
    {
        $data['is_home'] = false;
        $data['page_title'] = 'Dashboard';
        $data['left_col'] = 'leftnav_view';
        $data['center_col'] = 'dashboard_cview';
        $data['right_col'] = 'rightcol_view';
        $data['footer'] = 'footer_view';
        
        // Load Views
        $this->load->vars($data);
        $this->load->view('template_view',$data);
    }
}

Thanks in advanced for some help. IMO common tasks like these should be tutorials in the user guide ^__^

[eluser]Mellis[/eluser]
This is a response to the previous post (#270)

Hello,

This is how I handle authentication in an application with redux auth.

I altered some files:
(btw sorry that documentation in the code is non existent at the moment)

./app/libraries/redux_auth.php

// added this to constructor:

Code:

...

    /**
    * get group->titles and group->ids from the groups table and define them as constants
    * this defines USER = 2, ADMINISTRATOR = ... (and other groups i have created) as constants
    */
        $this->_define_groups();

    /*
    *
    * Set permissions for different sections in the application here
    * AED_ELEMENT stands for: ADD, EDIT and DELETE ELEMENT
    */
    define('USER_ACC', USER + MODERATOR + ADMINISTRATOR);
    define('ADMIN_ACC', ADMINISTRATOR);
    
            
    define('ENTER_APP', USER + MODERATOR + ADMINISTRATOR);
    define('REGISTER_USER', ADMINISTRATOR);

     define('AED_SHOP', ADMINISTRATOR);

}

this is the function used in the constructor

Code:

/**
* _get_groups
* this function gets all the groups out of the groups table
* this function is used to define the rights in the application
**/
protected function _get_groups($groups)
{
    $i = $this->ci->db->select($groups.'.id, '.$groups.'.title')
    ->from($groups)
    ->order_by('id','asc')
    ->get();
            
    return $var = ($i->num_rows() > 0) ? $i->result() : false;
}
        
public function get_groups(){return $this->_get_groups($this->groups_table);}

/**
*
**/
protected function _define_groups()
{
$groups = $this->get_groups();
            
    foreach($groups as $object)
    {
    define($object->title, $object->id);
    }
}

This is the code I added to the library to be able to check if a user belongs to the right group for a certain area of the app.

Code:

/**
* if the second argument is set to 'LOGIN', this function will redirect to the
* login page (set in config[auth][auth_controller] + 'login')
**/
public function is_auth($sectionlevel, $redirect = FALSE)
{    
    $userlevel = $this->get_group_id($this->ci->session->userdata('id'));
            
    $authorized = false;
            
      if($userlevel && $sectionlevel)
        {
        //use bitwise AND operator to check if user has access
        $authorized = ($userlevel & $sectionlevel) > 0;
        }

          if(!$authorized)
        {
        switch($redirect)
        {
            case 'LOGIN':
        $this->logout();
        $this->ci->session->set_flashdata('auth', $this->ci->uri->uri_string());
        redirect($this->auth_controller.'login/');
                    
            default:
            //nutt'n yet, just return false if not authorized
        }
    }
                        
    return $authorized;
            
}

I have altered the logout function in redux_auth because I was unable to send flashdata through the is_auth() function (was caused by the sess_destroy)

Code:

/**
    * logout
    *
    * @access public
    * @param void
    * @return void
    **/
    public function logout ()
    {
        $this->ci->session->unset_userdata('id');
        //I disabled this line because it's unnecessary and this way i can still use flashdata
        //and logout a user at the same time.
        //$this->ci->session->sess_destroy();
        }

this is what is altered in my login function in my user controller:
./app/controller/user_controller.php

Code:

public function login()
    {
      //set validation rules
                
        if ($this->validation->run())
        {
                            
          $login = $this->redux_auth->login
            (
                $this->input->post('email'),
                $this->input->post('password')
            );
            
            if($login)
            {
            // redirects to the path saved in flashdata('auth') through the is_auth() function in redux_auth library
              $rdr = ($this->session->flashdata('auth')) ? $this->session->flashdata('auth') : $this->redux_auth->route_start;

              redirect($rdr);
            }
            else
            {
            // whatever
            }
        }
        else
        {
   // keep the flash data alive that was received through is_auth() function in redux_auth library
          if($this->session->flashdata('auth')){$this->session->keep_flashdata('auth');}
          //display data
        }
    }

and then, anywhere I want (and load the redux_auth library) I check for the right level of auth like this:

./app/controller/shop_controller.php

Code:

public function shop($id, $next)
{
        
  $this->redux_auth->is_auth(AED_SHOP, 'LOGIN');

  ...
}

or you can use it in the constructor of the controller to check with the same arguments for every function in that controller
or you can use it without the second argument and check like this:

Code:

if($this->redux_auth->is_auth(AED_SHOP, 'LOGIN'))
{
...
}

for whatever secion I have, I can create a new privilege rule.

This works for me, however I have some questions of my own:
There must be a better place to declare the rights than the constructor of the redux_auth library. Anybody have a suggestion?
Is it ok to just unset the userdata('id') to log someone out? (seems fine, but maybe I'm missing something)
Does anybody have any suggestions in general?

Thanks in advance.
And hope this helps a little.

Bye now.

[eluser]Unknown[/eluser]
Having nothing but trouble installing redux, hope somebody can help me out.

- I've downloaded and unzipped 1.4a.
- Changed the PHP version at my site from 4 to 5.
- Uploaded the library and config files.
- Created the db tables using "install.sql".
- Made the changes described in the documentation's "Installation" section.
- Generated an encryption key.
- Generated a salt key.
- Noticed that the "Controllers" documentation link is broken, but assumed that what I needed could be found in the examples documentation.

Now, no matter what combination controller- and view- names I try, using the sample code in the docs, I either get a simple 404, or a "cannot load requested page" error.

Can someone explain exactly the configuration and names of the controller(s) and view(s) required to make this work?

Thanks,

Greg

[eluser]Popcorn[/eluser]
Hello,

I have been away working on some projects so you can rest assured I have not forgotten all of you. It seems like an update is in order.

little brittle

For some reason, html email isn’t working during registration. I can receive the registration email if I change the mailtype to “text”, but nothing arrives if it is html. I set the auth controller up so it echos “success” if it mails without errors, and it echos “success” even though it isn’t being sent.

One thing that might be causing it is that I had to change the newline format to “\r\n” in my email config file. I’ve tried adding it in the redux config file, but nothing changes. Any ideas on how to make this work?

I've been sending html emails with Redux Authentication 1.4 without any errors. Can you provide a code example which is just needed to replicate the bug and I will look into this.

mcrafal

The same. Cannot use email class when redux autoloaded.
The error from email_debuger:

A PHP Error was encountered
Severity: Warning
Message: mail() [function.mail]: Bad parameters to mail() function, mail not sent.
Filename: libraries/Email.php
Line Number: 1428

Any ideas? (CI 1.6.3, Redux 1.4)

Try loading the email library before redux. If that doesn't work can you provide me with a code example to replicate the bug.

little brittle

Can we disable the question/secret answer part of registration? Ideally, I’d just like to send users a password reset email after they input their email address into a “forgot password” form.

No, these would both require modification and I suggest you change the code to suit your needs

Is there any way to limit new registrations to a certain domain or array of domains? For example, if I’m making a corporate intranet site, it would be nice to limit registrants to those with an official email address.

Easy, create a validation callback with a regular expression to see if they've used the correct email.

Is there a way to store a timestamp of the registration date?

This is something I've decided that needs to be added and you will see it in the next version

Fenix

am I using logged_in() correctly?

Yes

Secondly, I need to check for authorization for the particular page (that the user is an admin).

The get group function will retrieve the current group of the logged in user. Just pass the session user id as the parameter.

Mellis

I will check your code over later.

Is it ok to just unset the userdata(’id’) to log someone out? (seems fine, but maybe I’m missing something)

Yes, it should be fine.

Greg Griffith

Sorry to hear your experience.

The documentation is outdated and is one of the reasons it should not be used. You can find a newer documentation at Amazon.

https://redux.s3.amazonaws.com/index.html

TODO version 1.5
*Improved security (No longer requires hash column in users table),
*Better documentation,
*Change password feature,
*Registration date.
*A proper sample application to demonstrate all functionality of redux.
*Fix the php switch bug.

And hopefully a more elegant email solution.

Kind Regards,
-Mathew Davies.

[eluser]CARP[/eluser]
Cool
Thanks Mathew. We'll be waiting for the 1.5
It sounds very promising

[eluser]Unknown[/eluser]
Hi,

I was just wondering if there was a way to move the email_activation_message, forgotten_password_subject and new_password_message out of the conf file so that we can use templates, css and other variables like site urls and things without hardcoding it into every template.

Thanks!

[eluser]Xeoncross[/eluser]
[quote author="Popcorn" date="1219807985"]
*A proper sample application to demonstrate all functionality of redux.[/quote]

Can't wait for that!

[eluser]Mellis[/eluser]
Instead of saying that I can't wait for the next edition to come by, I want to offer some help. So Popcorn, if you get a chance (find the time) to look at the stuff I added, maybe you can judge if you could use my help for your project. (I'm also quite occupied, but every little bit helps right?)

Greets

[eluser]freshface[/eluser]
Any idea on the 1.5 launch?