faqzul/codeigniter-fauthz-library

0.1.0 2020-06-01 13:27 UTC

This package is auto-updated.

Last update: 2025-04-15 18:42:25 UTC


README


Authentication library for the PHP framework CodeIgniter. It's based on Tank Auth, although the code was seriously reworked.

Prerequisites

Features

It's simple

It's secure

  • Using phpass library for password hashing (instead of unsafe md5).
  • Counting login attempts to prevent brute-force attacks (optional). Failed login attempts are tracked by IP address and by username.
  • Logging last login IP address and time (optional).
  • CAPTCHA for registration and repeated login attempts (optional).
  • Unactivated accounts and forgotten password requests auto-expire.

It's easy to manage

  • Strict MVC Model: controller for controlling, views for representation and library as model interface.
  • Language file support.
  • View files contain only necessary HTML code without redundant decoration.
  • Most of the features are optional and can be turned on or off in a well-documented config file.

It's full featured

  • Login using username, email address or both (depending on config settings).
  • Registration is instant or after activation by email (optional).
  • "Remember me" option.
  • Forgot password (letting users pick a new password upon reactivation).
  • Changing email or password for registered users.
  • Email or password can be changed even before the account is activated.
  • Ban user (optional).
  • User profile (optional).
  • CAPTCHA support.
  • HTML or plain-text emails.

Getting Started

Composer

faqzul@Trisquel:/var/www/CodeIgniter$ composer require faqzul/codeigniter-fauthz-library

Manual

  1. Download the latest version of the library.
  2. Unzip the package to application/third_party/.
  3. Download the latest version of CodeIgniter-CRUD-Model.
  4. Unzip the package CodeIgniter-CRUD-Model to application/third_party/.

Then install the database schema into your MariaDB database.

Configuration

Composer

Change the following line in the application/config/autoload.php file so the library can be used in your controller class.

$autoload['packages'] = array();
↓
$autoload['packages'] = array(FCPATH . 'vendor/faqzul/codeigniter-fauthz-library/');

Setting FauthZ Preferences

$this->load->library('fauthz');
$this->fauthz->config_set('website_mail', 'web@domain.com');
$this->fauthz->config_set('website_name', 'CodeIgniter Authentication');
$this->fauthz->config_set('captcha_registration', TRUE);

More preferences are listed in config/fauthz.php.

Manual

  • Change the following line in the application/config/autoload.php file so the library can be used in your controller class.
$autoload['packages'] = array();
↓
$autoload['packages'] = array(APPPATH . 'third_party/codeigniter-fauthz-library/');
  • Change the following line in the application/third_party/codeigniter-fauthz-library/config/fauthz.php.
$config['crud_path'] = FCPATH . 'vendor/faqzul/codeigniter-crud-model/';
↓
$config['crud_path'] = APPPATH . 'third_party/codeigniter-crud-model/';

Usage

register

Register a user on the site. If registration is successful, a new user account is created. If the email_activation flag in the config file is set to TRUE, the account has to be activated by clicking a special link sent by email; otherwise it is already activated. Please note: after registration the user remains unauthenticated; login is still required.

login

Log a user in to the site. If login is successful and the user account is activated, s/he is redirected to the home page. If the account is not activated, send_again is invoked (see below). If login fails, the user remains on the same page.

logout

Log the user out.

send_again

Send the activation email again, to the same or a new email address. This method is invoked every time a non-activated user logs in to the site. It may be useful when the user didn't receive the activation mail sent on registration due to a problem with the mailbox or a misprint in the email address. The user may change their email or leave it as is.

activate

Activate a user account. Normally this method is invoked by clicking a link in the activation email. Clicking a link in the forgot-password email activates the account as well. The user is verified by User ID and authentication code in the URL.

forgot_password

Generate a special reset code (to change the password) and send it to the user. This method is meant for users who have forgotten their password.

reset_password

Replace the user's (forgotten) password with a new one set by the user. This method can be called by clicking the link in the mail. The user is verified by User ID and authentication code in the URL.

change_password

"Normal" password change (as compared with resetting a forgotten password). Can be called only when the user is logged in and activated. For higher security the user's old password is needed.

change_email

Change the user's email. Can be called only when the user is logged in and activated. For higher security the user's password is required. The new email won't be applied until it is activated by clicking a link in a mail sent to the new email address.

reset_email

Activate the new email address and replace the user's email with it. This method can be called by clicking a link in a mail. The user is verified by User ID and authentication code in the URL.
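The activate, reset_password and reset_email methods above all verify a User ID plus an authentication code from the URL, and pending requests auto-expire. The following is an added example, not code from FauthZ or Tank Auth, of how such a check can be made single-use, expiring and timing-safe. The function names, the `$store` array standing in for the users table, and the 48-hour lifetime are assumptions.

```php
<?php
// Added illustration, not FauthZ code: issue_code(), verify_code() and $store are hypothetical.
const CODE_TTL = 172800; // assumed lifetime of a pending request: 48 hours

// Create a one-time code for $userId; only its hash and expiry are kept.
function issue_code(array &$store, int $userId, int $now): string
{
    $code = bin2hex(random_bytes(16));       // 128 bits from the CSPRNG
    $store[$userId] = [
        'hash'    => hash('sha256', $code),  // the raw code is never stored
        'expires' => $now + CODE_TTL,
    ];
    return $code;                            // goes into the emailed link
}

// Check the user ID and code taken from the URL; succeeds at most once.
function verify_code(array &$store, int $userId, string $code, int $now): bool
{
    if (!isset($store[$userId])) {
        return false;                        // no pending request for this user
    }
    $row = $store[$userId];
    if ($now > $row['expires']) {
        unset($store[$userId]);              // expired requests are purged
        return false;
    }
    // hash_equals() compares in constant time, so response timing does not
    // reveal how much of a guessed code was correct.
    if (!hash_equals($row['hash'], hash('sha256', $code))) {
        return false;
    }
    unset($store[$userId]);                  // single use: a replayed link fails
    return true;
}

// Constructed demo data: an in-memory array stands in for the users table.
$store = [];
$now   = 1700000000;
$code  = issue_code($store, 42, $now);
var_dump(verify_code($store, 42, 'not-the-code', $now + 60));  // wrong code
var_dump(verify_code($store, 42, $code, $now + 60));           // valid link
var_dump(verify_code($store, 42, $code, $now + 120));          // replayed link
$late = issue_code($store, 42, $now);
var_dump(verify_code($store, 42, $late, $now + CODE_TTL + 1)); // expired link
```

Storing only the hash means a read-only leak of the table does not hand out usable activation or reset links.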

unregister

Delete the user account. Can be called only when the user is logged in and activated. For higher security the user's password is required.

Versioning

We use SemVer for versioning. For the versions available, see the tags on this repository.

Authors

  • Muhammad Faqih Zulfikar - Developer

License

This project is licensed under the MIT License - see the LICENSE file for details.