February 1st, 2008
There are many Code Igniter authentication libraries, Michael Wales’s Erkana Auth differentiates itself by aiming to be a “small set of methods and helpers that would prove useful for a variety of user authentication while not hijacking the framework”.
The code is fairly self-explanatory, but here’s an example of how it can be implemented.
Firstly, you need to download the library and copy the files to the relevant directories in your Code Igniter tree. Note that if you are running Linux you need to change the filenames to lower case.
I use a custom routing system for flexibility, but the basic premise is the same: create a login controller and view. I created a directory called “admin” in my controller and view directories for organisational purposes.
My login system only requires authentication for one user (hence the need for a light authentication library). The user table I created is correspondingly simple:
CREATE TABLE users ( id int(11) NOT NULL AUTO_INCREMENT, username text, password text, PRIMARY KEY (id) )
Code Igniter uses SHA1 hashing, so you can use the database function or generate it manually through the command line:
INSERT INTO users (username, password) VALUES ("bob", sha1("password"));
Now for the view, views/admin/login.php:
<html>
<head>
<title>Login</title>
</head>
<body>
<h1>Login</h1>
< ?php echo $this->validation->error_string; ?>
<form action="<?php echo base_url() . 'admin/login' ?>" method="post">
<fieldset>
<legend>Login Details</legend>
<label for="username">Username:</label><br /><input name="username" value="<?php echo $this-/>validation->username ?>" /><br />
<label for="password">Password: </label><br /><input name="password" type="password" /><br />
</fieldset>
<fieldset>
<legend>Submit</legend>
<input type="submit" name="submit" value="Submit" class="submit"/>
</fieldset>
</form>
</body>
</html>
So I didn’t have to repeat code at the top of every page I wanted protected, I created a base controller that can be inherited from, controllers/admin/authcontroller.php:
class AuthController extends Controller { function AuthController() { parent::Controller(); $this->load->library('session'); $this->load->library("validation"); $this->load->helper("form"); $this->load->library('Erkanaauth'); $this->auth(); } function auth() { if (!$this->erkanaauth->try_session_login()) { redirect('admin/login'); } } }
If the user is not authenticated, it uses a HTTP redirect to the admin/login page/controller, controllers/admin/login.php:
class Login extends Controller { function Login() { parent::Controller(); $this->load->library("validation"); $this->load->helper("form"); $this->load->library('Erkanaauth'); } function index() { $login_form_rules = array ( 'username' => 'callback_check_username', 'password' => 'required' ); $login_form_fields = array ( 'username' => 'Username', 'password' => 'Password' ); $this->validation->set_fields($login_form_fields); $this->validation->set_rules($login_form_rules); if ($this->validation->run() == FALSE) { $this->load->view('admin/login.php'); } else { redirect('admin'); } $this->load->view('admin/login.php'); } function check_username($username) { $this->load->helper('security'); $password = dohash($this->input->post('password')); if ($this->erkanaauth->try_login(array('username' => $username, 'password' => $password))) { return True; } else { $this->validation->set_message('check_username', 'Incorrect login info.'); return False; } } }
Now all you need to do is create additional controllers. You can protect them simply by requiring your base controller, inheriting from it and calling its constructor:
require_once(APPPATH . 'controllers/admin/authcontroller.php'); class Foo extends AuthController { function Foo() { /* * Script exits if not authenticated */ parent::AuthController(); ....
A final note, in case you were wondering, some etymology of Wales’s use of “Erkana”:
Erkana is a word I originally believed I had made up - I liked the sound of it, easy to say, and just has a nice ring to it. Personally, it makes me thing of peace, serenity, calm and soothing, etc. I’ve had this word, erkana in my head for about 2 years now.
When thinking of a name for this library I decided to do some googling around for the term - just to make sure I wasn’t associating this library with something I’d rather not be associated with. I quickly learned that erkana is a Turkmen word meaning: free, unrestricted, easy.
I can’t think of a better way to describe this library.
February 2nd, 2008 at 7:57 am
Thanks for mentioning ErkanaAuth! The library has changed quite a bit since it’s initial release and I have included a more up-to-date copy of it within my CI Dev Pack.
February 2nd, 2008 at 8:00 pm
Cheers, I’ll definitely look into upgrading.