Author: Ben Edmunds
Ion Auth › Documentation
Ion Auth
Ion Auth is a simple and lightweight authentication library for the CodeIgniter framework
Want to learn more? Or just support my work?
If you're reading this then you'll probably want to know that I'm writing a book on Building Secure PHP Apps. It's now available for early access on Leanpub:
Ion Auth is released under the Apache License v2.0. You can read the license here: http://www.apache.org/licenses/LICENSE-2.0
Installation
1. Download the latest version: http://github.com/benedmunds/CodeIgniter-Ion-Auth/zipball/2
2. Copy the files from this package to the corresponding folder in your application folder. For example, copy Ion_auth/config/ion_auth.php to system/application/config/ion_auth.php.
3. Run the appropriate SQL file from the /sql directory.
To change configuration options simply edit the config/ion_auth.php file.
Config
Edit the ion_auth $config array as needed:
'tables['groups']' - The table name to use for the groups table. DEFAULT is 'groups'.
'tables['users']' - The table name to use for the users table. DEFAULT is 'users'.
'tables['users_groups']' - The table name to use for the users groups table. DEFAULT is 'users_groups'.
'tables['login_attempts']' - The table name to use for the login attempts table. DEFAULT is 'login_attempts'.
'site_title' - The title of your site, used for email.
'admin_email' - Your administrator email address. DEFAULT is '[email protected]'.
'default_group' - Name of the default user group. DEFAULT is 'members'.
'admin_group' - Name of the admin group. DEFAULT is 'admin'.
'join['users']' - Users table column you want to join WITH. DEFAULT is 'user_id'.
'join['groups']' - Group table column you want to join WITH. DEFAULT is 'group_id'.
'identity' - Column to use for uniquely identifying user/logging in/etc. Usual choices are 'email' OR 'username'. You should add an index in the users table for whatever you set this option to. DEFAULT is 'email'.
'min_password_length' - Minimum length of passwords. DEFAULT is '8'.
'max_password_length' - Maximum length of passwords. DEFAULT is '20'.
'email_activation' - TRUE or FALSE. Sets whether to require email activation or not. DEFAULT is 'false'.
'remember_users' - TRUE or FALSE. Sets whether to enable 'remember me' functionality or not. DEFAULT is 'true'.
'user_expire' - Sets how long to remember the user for in seconds. Set to zero for no expiration. DEFAULT is '86500'.
'user_extend_on_login' - TRUE or FALSE. Extend the user's session expiration on login. DEFAULT is 'false'.
'email_type' - Email content type. DEFAULT is 'html'.
'email_templates' - Folder where the email view templates are stored. DEFAULT is 'auth/email/'.
'email_activate' - Filename of the email activation view template. DEFAULT is 'activate.tpl.php'.
'email_forgot_password' - Filename of the forgot password email view template. DEFAULT is 'forgot_password.tpl.php'.
'email_forgot_password_complete' - Filename of the forgot password complete email view template. DEFAULT is 'new_password.tpl.php'.
'salt_length' - Length of the encryption salt. DEFAULT is '10'.
'store_salt' - TRUE or FALSE. Store the salt in a separate database column or not. This can be useful for integrating with existing apps. DEFAULT is 'false'.
'forgot_password_expiration' - Number of seconds before a forgot password request expires. If set to 0, requests will not expire. DEFAULT is 0.
'track_login_attempts' - Track the number of failed login attempts for each user or ip. DEFAULT is 'false'.
'maximum_login_attempts' - Set the maximum number of failed login attempts. This maximum is not enforced by the library, but is used by $this->ion_auth->is_max_login_attempts_exceeded(). The controller should check this function and act appropriately. If set to 0, there is no maximum. DEFAULT is 3.
'message_start_delimiter' - Starting delimiter for messages. DEFAULT is '<p>'.
'message_end_delimiter' - Ending delimiter for messages. DEFAULT is '</p>'.
'error_start_delimiter' - Starting delimiter for errors. DEFAULT is '<p>'.
'error_end_delimiter' - Ending delimiter for errors. DEFAULT is '</p>'.
Class Function Reference
NOTE: Methods available in the model are called through the controller using PHP5 magic. You should never use ion_auth_model->method() in your applications.
login()
Logs the user into the system.
Parameters
1. 'Username' - string REQUIRED. Usually username or email but depends on your config.
2. 'Password' - string REQUIRED.
3. 'Remember' - boolean OPTIONAL. TRUE sets the user to be remembered if enabled in the config.
Return
boolean. TRUE if the user was successfully logged in, FALSE if the user was not logged in.
boolean. TRUE if the user is registered FALSE if the user is not registered.
Usage
is_max_login_attempts_exceeded()
If login attempt tracking is enabled, checks to see if the number of failed login attempts for this identity or ip address has been exceeded. The controller must call this method and take any necessary actions. Login attempt limits are not enforced in the library.
Parameters
1. 'Identity' - string REQUIRED.
Return
boolean. TRUE if maximum_login_attempts is exceeded, FALSE if not or if login attempts are not tracked.
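Added example (not part of the original documentation or of Ion Auth's own code): one way a controller can enforce the limit, checking is_max_login_attempts_exceeded() before it calls login(). It assumes a CodeIgniter 2-style CI_Controller and 'track_login_attempts' set to TRUE; the Auth class, form field names, 'auth/login' route and view path are hypothetical.

```php
<?php
// Added example, not Ion Auth's own code. Assumes 'track_login_attempts' is
// TRUE in config/ion_auth.php. Class name, form field names, the 'auth/login'
// route and the view path are hypothetical.
class Auth extends CI_Controller
{
    public function __construct()
    {
        parent::__construct();
        $this->load->library(array('ion_auth', 'session'));
        $this->load->helper('url');
    }

    public function login()
    {
        // Plain GET: show the form and stop.
        if ($this->input->server('REQUEST_METHOD') !== 'POST') {
            $this->load->view('auth/login');
            return;
        }

        $identity = (string) $this->input->post('identity');
        $password = (string) $this->input->post('password');
        $remember = (bool) $this->input->post('remember');

        // The library only counts failures; refusing the attempt is the
        // controller's job. Check BEFORE login() so that a locked-out
        // identity never gets another password tested.
        if ($this->ion_auth->is_max_login_attempts_exceeded($identity)) {
            log_message('error', 'Login refused, attempt limit reached. IP: '
                . $this->input->ip_address());
            $this->session->set_flashdata('message', 'Login failed.');
            redirect('auth/login'); // redirect() ends the request
        }

        if ($this->ion_auth->login($identity, $password, $remember)) {
            // On success login() clears the failed-attempt records itself.
            redirect('/');
        }

        // login() records the failed attempt itself. The message is the same
        // as in the lockout branch, so the response does not reveal whether
        // the identity exists or is currently locked.
        $this->session->set_flashdata('message', 'Login failed.');
        redirect('auth/login');
    }
}
```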
Returns the number of failed login attempts for this identity or ip address.
Parameters
1. 'Identity' - string REQUIRED.
Return
int. The number of failed login attempts for this identity or ip address.
Usage
increase_login_attempts()
If login attempt tracking is enabled, records another failed login attempt for this identity or ip address. This method is automatically called during the login()
Clears all failed login attempt records for this identity or this ip address. This method is automatically called during the login() method if the login succeeded.
Remove a group. Removes the group details from the configured 'groups' table. Users belonging to the group are stripped of this status (references to this group are removed from users_groups), but user data itself remains untouched.
Parameters
1. 'group_id' - int REQUIRED.
Return
boolean. TRUE if the group was deleted, FALSE if the delete failed.
Usage
set_message_delimiters()
Set the message delimiters.
// source this from anywhere you like (eg., a form)