A very simple library allowing users to be authenticated, there is no access level checking built in.
To install the library copy:
- application/libraries/Authentication.php
- application/config/authentication.php
Into your own CodeIgniter installation.
If your CodeIgniter installation uses a table prefix then append it to the table names within the included SQL files and statements.
Then create the required tables, to do this run the included SQL file tables.sql
Ensure you have setup an [encryption key] 1 and have configured CodeIgniter to [use a database] 2.
You may then integrate the library into your code.
You should have a look at the authentication configuration file, application/config/authentication.php and ensure all the details are correct, there should be adequate comments to help you out.
Before you can use any of the methods listed below you must load the authentication library, you can do this in a number of ways, which I will discuss below.
This is where you specify you would like to load the authentication library in each controller where you will use it, eg:
// Load the required libraries
$this->load->library('authentication');This is where you specity the authentication library globally and you won't have to load it again, you do this by:
- Opening the
application/config/autoload.php - Adding "authentication" to the
$autoload['libraries']array.
For example:
$autoload['libraries'] = array('authentication');Once you've loaded the library, you can use the methods listed below, like this:
$this->authentication->method_name($parameter)You can use the check_username method to see whether a username is unique, this method is also called before allowing a user to be created.
// Read the username
$username = $this->input->post('username');
// Check whether it is available
if ($this->authentication->username_check($username))
{
// The username IS available
} else {
// The username IS NOT available
}This method will add a user to the users table (as defined within the configuration file) it will only add the username and password to the database, there is no method of adding other data, so all other fields in your users table must accept null values.
// Read the username
$username = $this->input->post('username');
// Read the password
$password = $this->input->post('password');
// Create the new user
$user_id = $this->authentication->create_user($username, $password);
// Check for success
if ($user_id !== FALSE)
{
// The user was SUCCESSFULLY created
// Their ID is $user_id
} else {
// There was an ERROR creating the user
}This is a very simple library and it does not check against brute force attacks. It also does not allow for a 'remember me' option, once the user closes their browser (or a period of inactivity) the user will be logged out.
The login method takes the username and password and will return either true or false, eg:
// Read the username
$username = $this->input->post('username');
// Read the password
$password = $this->input->post('password');
// Try to log the user in
if ($this->authentication->login($username, $password))
{
// The user was SUCCESSFULLY logged in
} else {
// The details provided were incorrect
// No feedback is given as to why the login failed
}This method will return true or false depending on where the current user is logged in.
if ($this->authentication->is_loggedin())
{
// User is logged in
} else {
// User is NOT logged in
}This method is a wrapper allowing you to access the data stored in the session (allowing the library to be updated without braking your code.) call this method with one of the following keys:
- identifier
- username
- login
- logout
// Read the users identifier
$user_id = $this->authentication->read('identifier');While the logout time can be accessed when the current user is logged out, other requests will yield a boolean false if attempted while the user is logged out.
This method allows you to change the password for a user by passing the password and their identifier (as set in the configuation file.) You can also just pass the password and the current users password will be updated.
// Read the password
$new_password = $this->input->post('password');
if ($this->authentication->change_password($new_password))
{
// The users password HAS been updated
} else {
// There was an ERROR updating the users password
}When you call this method it will log the current user out, all other session data you set for the user will remain intact.
$this->authentication->logout();This method will delete the user with the passed identifier (as set in the configuation file.)
// Define user identifier
$user_identifier = 1; // Using the ID column in the users table as the identifier
if ($this->authentication->delete_user($user_identifier))
{
// The user HAS been deleted
} else {
// There was an ERROR deleting the user
}It is likely you will want to retrieve data from the user table for the current user, for example the first name. this can be done easily by using the stored user identifier, you should ensure there is a logged in user first.
In the example below we have a model called user_m which we will pass the user identifier to return the users details:
// Ensure the current user is logged in
if ($this->authentication->is_loggedin())
{
// Load the user model
$this->load->model('user_m');
// Define the user identifier
$user_identifier = $this->ci->session->userdata('identifier')
// Define the user details
$user_details = $this->user_m->read($user_identifier);
}- You will encounter an error if you try to access the authentication library from a controller called "authentication"
[Joel Vardy] 3 for writing this.