Thread

Yes, yes, I know. There are quite a few authentication libraries around but I just can’t deny you my own little creation!

The name “MeNeedz Auth” might be kinda strange to you (it derives from the working title of my current project) but don’t let that stop you from testing it!

So, what does my library do?
It handles the process of login and can be used to restrict access to a specific user group.

But that’s what most of the libraries posted here can do. How’s yours different?
I think my library is different because it does not require a certain database layout or a database at all. You can choose to use salting or not (and how you want to combine the salt with the passwort), tell the library what encryption to use (md5 and sha so far) or even don’t use a database at all and only use a certain identifier/password combination.

Identifier? Yes! You are not restricted to use the username and a password for login, you can use what ever identifier you want to use. E-mail? Full name? A number? What ever you want!

Does the library have any requirements at all? Yes, sadly it does. You need a library called “session” (e.g. the standard codeigniter session library) to handle the session.

How can I tell the library how I want my users to be authed?
When loading the library you can either use a config array as a parameter or create a config file “auth.php” in your config folder where you can set all the parameters. What parameters can be used can be seen in the library. If you don’t want to use the config array or the config file then you can just go ahead and change the variables in the library.

Ok. Sounds great! Where can I get that wonderful thing?
Just grab it from here:—> click me <—
View the user guide here (also included in the download:—> click me <—

Latest Update on 18-11-2008
Version 1.7:
- Added a new function that let’s you set a new password for a given user

I am really looking forward to your comments and your suggestions on how to improve the library!

Greets,
waldmeister

interesting, this sounds really good, is there a userguide for it?

Not yet, but I just thought about writing one. Gimme some hours of sleep and I will be able to present you one!

Sounds very great!

I have just finished the user guide for my library. I used the CI User Guide as a template for mine, hopefully that’s ok.

I have updated the downloadable archive with the most current version of my library and included my user guide.

You can either grab the whole package from here:—> click me <—
Or you can just view the user guide online here:—> click me <—

Have fun reading and trying my library 😊
I hope you like it and I am still looking forward to your suggestions/comments on how to improve my library.

Greetz,
waldmeister

thanks for the userguide, was just reading over it and am very impressed with how your authentication library works.  I will probably end up using it for several websites that i am doing.

does the library work with both php4 and 5?

So far I have only tested it with PHP5 but I guess it should work with PHP4, didn’t use any fancy new functions or something like that.

Glad to hear you like it 😊

User Guide seems to be interesting. Will test it.

Very little and useful! One request: the library don’t support the coookie fore create a “remember on yhis compyrter”?
Thank you ciao

Ok.
You want it, you get it!

I have just implemented a new feature that allows the user to determine wether he wants to be remembered (cookie “never” expires) or has to login again after a certain amount of time (the expiration time set in your session config).

I have updated both the user guide and the rar-file.

I hope that’s what you were looking for.

Have fun 😊

Thank you!!!!! Ciao!!!!

No prob!

Anything else you need?
Something that you don’t like about my library?

From your user guide example:

header("location: ".$this->config->site_url().'/welcome/login');

Better use CI redirect:

redirect('welcome/login');

Also, where in your code is PHP5?

class Auth
{
    var $CI = null;
    var $user_table = "user";
    var $user_identifier_column = "user_name";
    var $user_password_column = "user_password";
    var $user_salt_column = "user_salt";
    var $user_group_column = "user_group";
    var $use_database = TRUE;
    var $non_database_user_identifier = "";
    var $non_database_user_password = "";
    var $use_encryption = TRUE;
    var $encryption_method = "md5";
    var $encryption_order = "%salt%.%password%";
    var $user_identifier_input_name = "user_name";
    var $user_password_input_name = "user_password";
    var $user = FALSE;
    var $user_groups = array('user' => '1', 'moderator' => '10', 'admin' => '100');
    var $use_remember_me = FALSE;
    var $remember_me_input_name = "remember_me";

    var $_encryption_methods = array('md5', 'sha', 'sha1');
    var $_encryption_elements = array('%salt%', '%password%');

    function Auth($config = array())
    {
           ... etc…

Your code is also a bit of spaghetti coding without any comments. That makes it real difficult to understand, and I am sure there would be a lot lot lot of things to improve in it, first of separate the DB code in a model, flag some long successions of if / else tests instead of returning each time something.

Also I don’t understand why this mixture of post code without any validation of the form. Why not just use some validation then? That said, I personally think an auth lib shouldn’t mix things like you did. Keep it simple, just do auth process in this lib and add some extended class to do other things, keep it structured.

Sorry about criticism, it’s to be constructive…

one thing i would like to see this support (i don’t know how viable it would be though), is if the group levels could be defined in the database and if a user could be assigned to more than one group.

for instance you might have a cms where a particular user can manage the pages on the website and also manage the forums (if it has forums) but not be able to do other things on the site such as change the site settings.

probably a silly example but i think it conveys the point across.

one thing i do like about this system is the integration capabilities with a CMS, for instance a person could add an extra column into the table that stores the pages saying what groups have access to what pages.

i assume you can have several groups with the same level?

ray73864 what you want is more about permissions than auth.