Welcome Guest, Not a member yet? Register   Sign In
Community Auth Issue
#1

Hey Guys,

I don't know if this is the issue of Community Auth or the CodeIgniter itself. I have setup the community Auth and running on my Codeigniter 3.1.3. When I place the session in the autoload, the community auth now could not login. I tried to trace the code and I found out this line 
Code:
$session_id = $this->CI->session->sess_regenerate( config_item('sess_regenerate_destroy') );

located in application/third_party/community_auth/libraries/Authentication.php causing the issue. The session returned null. Any way how can I use the Community Auth together with the session placed in the autoload? Check the attached image for the error I encountered. That error appeared when I set the `sess_regenerate_destroy` into `TRUE`. It won't log me in if I set it to `FALSE`.

   
-jaystream
Reply
#2

Community Auth loads the session in thr Auth Controller. The only reason you'd need to load the session is if you are serving up pages from controllers that don't extend My Controller.
Reply
#3

(08-27-2017, 03:10 PM)skunkbad Wrote: Community Auth loads the session in thr Auth Controller. The only reason you'd need to load the session is if you are serving up pages from controllers that don't extend My Controller.

Hi @skunkbad,

Thank you for the time looking into this. The issue also appear if I create a library and I need to load the session in the `__construct` function. So, I think this issue appears too if I install any library that loads session automatically. Do you have any idea how to solve that issue in that scenario?

Regards,
Jay-r
-jaystream
Reply
#4

(This post was last modified: 08-29-2017, 12:00 AM by skunkbad.)

If you'd rather not have Community Auth autoload stuff like the session, you should write a new _load_dependencies method in MY_Controller. Because MY_Controller extends Auth_Controller and that extends CI_Controller, adding the _load_dependencies method to MY_Controller would mean that it is the one that is used:

This is the one in Auth_Controller:


PHP Code:
/**
     * Load dependencies
     */
    private function _load_dependencies()
    {
        $this->load->add_package_path(APPPATH 'third_party/community_auth/');
        $this->load->database();
        $this->config->load('db_tables');
        $this->config->load('authentication');
        $this->load->library([
            'session','tokens','Authentication'
        ])->helper([
            'serialization','cookie'
        ])->model('auth_model');
        if(config_item('declared_auth_model') != 'auth_model')
            $this->load->model(config_item('declared_auth_model'));
    

So, if you want to, you can change this, or just make it empty, it's up to you. You just have to handle your own autoloading. One thing that is important though is notice that this method is private. Change it to protected, or your method in MY_Controller won't work. I need to change this in the Community Auth repo, so don't worry about changing it, because it should be protected, not private.

I think sessions can be a little tricky to autoload. I originally moved all this autoload stuff here in this method because I didn't want it to interfere with CLI usage, as I do a good bit of crons and commands in the terminal. In the past I would just have all the autoloaded stuff in config/autoload.php, but I'm not a big fan of that anymore. I guess I was under the impression that CI handles stuff like duplicate loading of the session, but what if you're using database sessions and the database isn't loaded? I'll see what I can find out about this, because you'd not be the first person to have a problem with it. I'm just not convinced it's my problem.
Reply
#5

Hi skunkbad,

Thank you for the time. I tried your suggestion but no luck. Still the `sess_regenerate()` function doesn't return the session id. Maybe because if `CI_Session` is loaded first than the `MY_Session` in Community Auth. I can see the `sess_regenerate()` function on `MY_Session` in Community Auth returned the Session ID but the `sess_regenerate()` function on `CI_Session` does not.

Now, if I install the library that has an auto-load of session, the `sess_regenerate()` function will returned null because that function is coming from the loaded `CI_Session`, not from `MY_Session`. The solution I can see now is changing the code in `Authentication.php` from 
Code:
$session_id = $this->CI->session->sess_regenerate( config_item('sess_regenerate_destroy') );

to
Code:
$session_id = $this->CI->session->session_id;

I don't know if this is the better approach but I can see this is the only way to make this plugin compatible with another library that has an auto-loaded session.

Do you think we can consider this as a list of concerned or fixes in the next version?

Thank you very much and I still open for any suggestion of what is the better approach than my solution above.

Regards,
Jay-r
-jaystream
Reply
#6

If you want you can zip up a copy of your site (or enough that I can test it) with a database dump, and provide a link so I can download it. I'll check it out. I've not once had a person complain about sessions where it wasn't a configuration issue or some other usage issue that had nothing to do with Community Auth. Up until maybe a year ago, Community Auth was autoloading everything just how you are probably trying to do, so it's not likely the case that you trying some other autoloading is screwing it up. It's probably something else.
Reply
#7

I have setup CodeIgniter with the auto-load library that I need together with Community Auth. You can download it here community_auth.zip

Just change the database config to your own. Database(xwb_community_auth.sql) dump file is also included in the folder. 

Once you have set it up. Try to login using this access:
username: admin
passwrod: Admin@1234
-jaystream
Reply
#8

(This post was last modified: 08-31-2017, 02:27 AM by sasbass.)

Hi, jaystream ,
I too downloaded file and I try to login through ajax.
But I saw some problems when can try to login with ajax login.

A Database Error Occurred

Error Number: 1048

Column 'id' cannot be null

INSERT INTO `auth_sessions` (`id`, `user_id`, `login_time`, `ip_address`, `user_agent`) VALUES (NULL, '2664792807', '2017-08-31 11:15:44', '::1', 'Chrome 60.0.3112.113 on Windows 7')

Filename: D:/xampp/htdocs/sites/community_auth/system/database/DB_driver.php

Line Number: 691

The problem for this is coming from id cannot be null.
you can change this table:

CREATE TABLE `auth_sessions` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`user_id` int(10) unsigned NOT NULL,
`login_time` datetime DEFAULT NULL,
`modified_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
`ip_address` varchar(45) NOT NULL,
`user_agent` varchar(60) DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8
Reply
#9

(08-31-2017, 02:24 AM)sasbass Wrote: Hi,  jaystream ,
I too download your file and try to login.
But I saw some problems when can try to login with ajax login.

A Database Error Occurred

Error Number: 1048

Column 'id' cannot be null

INSERT INTO `auth_sessions` (`id`, `user_id`, `login_time`, `ip_address`, `user_agent`) VALUES (NULL, '2664792807', '2017-08-31 11:15:44', '::1', 'Chrome 60.0.3112.113 on Windows 7')

Filename: D:/xampp/htdocs/sites/community_auth/system/database/DB_driver.php

Line Number: 691

The problem for this is coming from id cannot be null.
you can change this table:

CREATE TABLE `auth_sessions` (
 `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
 `user_id` int(10) unsigned NOT NULL,
 `login_time` datetime DEFAULT NULL,
 `modified_at` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
 `ip_address` varchar(45) NOT NULL,
 `user_agent` varchar(60) DEFAULT NULL,
 PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8

Hi sasbass,

Yeah, that is my issue trying to resolve. That error will appear if there is a `CI_Session` already loaded before the Community Auth. I have the library installed that loads the session in the `__construct()` function. You can eliminate that error by commenting out this line of code 
Code:
$this->xwb->load->library('session');

In the application/libraries/Lib.php.
But I can not do that because the library needs the session every page load.
My Question is how to use the Community Auth together with the library that has an autoload session?
-jaystream
Reply
#10

(This post was last modified: 08-31-2017, 11:56 AM by skunkbad.)

Here's what's up. I created a library that does nothing other than load the session, and I autoloaded it in config/autoload.php. Here's the library I used:


PHP Code:
class Sessionhog {
    public function __construct()
    {
        $CI =& get_instance();
        $CI->load->library('session');
    }


 and autoloading in config/autoload.php:


PHP Code:
$autoload['libraries'] = array('sessionhog'); 


and yes, there was definitely an error:


Code:
Error Number: 1048
Column 'id' cannot be null
INSERT INTO `auth_sessions` (`id`, `user_id`, `login_time`, `ip_address`, `user_agent`) VALUES (NULL, '412049668', '2017-08-31 10:57:57', '127.0.0.1', 'Firefox 55.0 on Linux')
Filename: third_party/community_auth/models/Auth_model.php
Line Number: 90

So, it turns out that all you need to do to fix that is set the Community Auth package path in config/autoload.php


PHP Code:
$autoload['packages'] = array(APPPATH 'third_party/community_auth/'); 

One thing I noticed was that after the error, I had to go into the database and delete the sessions before I could login again. Same might be true if I had just deleted browser cookies, but I didn't try that.

So just try to autoload the community auth package path, and I think you should be good. Report back please.

I have a feeling that the problem is that your library sets up the session before MY_Session can be loaded (because there is no package path to it), so the important session ID is never passed back (because the method was not overridden), resulting in NULL.

You might be asking why I'm even doing these session modifications in the first place, right? Well, it's because some people aren't going to use database sessions, and there has to be a way to match a user to their session. It's more or less a way to force somebody to use database sessions. I'm not simply satisfied that having a session is good enough. I want the session tied to a specific user.
Reply




Theme © iAndrew 2016 - Forum software by © MyBB