I'm looking for a CodeIgniter Authentication Libraries so I can confirm user registration by admin role (not by sending confirmation email). Can anyone give me a suggestion ? Thanks alot.
No matter which one you choose, you should be expecting to modify it somewhat to suite your specific requirements. CI framework and the CI classes you find online are not complete solutions... they are just starting points. I really prefer Ion Auth myself, but again I needed to make some modifications for my application.
Related
I apologize in advance if you don't understand at any point.
context** I am building a web application in Laravel, although I am very new, I am doing well. I implemented the laravel fotify package for user authentication and others, all perfect. Now, in the same way, I use Laravel Socialite to allow login and registration with Google.
now, according to laravel fortify I can implement email verification, which I did according to the documentation and it works perfect. My question or use case that I would like to solve is:
that users who logged in with google are not asked for this verification, since I consider it a bit redundant, however I still have not found the solution.
In my users table, I have a type_auth field where I store the type of authentication that was done. example: google
My idea is to cancel the verification using this field.
I would appreciate any ideas or if this is impossible.
thank you.
I have developed a nutrition platform that I'm using with my clients. It's somewhat similar to MyFitnessPal.
Some of my clients need help refining their diets so I need to log into their account to make changes to their plan.
What's the best option to achieve this? I thought of maybe having a master password that lets me log into any clients account but I don't know how to implement this.
My postLogin() method in the LoginController doesn't seem to be doing anything.
In our applications we have a route/controller method in the admin backend that does something like auth()->login($user); then redirects you to the route the usual user would go to when they first login.
Docs:
https://laravel.com/docs/5.4/authentication#other-authentication-methods
We have eZPublish 5. The authentication is handled by User kernel module kernel/user/login.php. This PHP script is called when trying to access a siteaccess which requires authentication.
Example scenario:
When trying to access http://example.com/marketing
it redirects me (when not logged in) to http://example.com/marketing/user/login
Which is expected behaviour.
What I would like to achieve is to rewrite the kernel/user/login.php file and preferably keep the url the same (this is not mandatory).
I need to do this because I need to integrate Duo Security Multifactor Authentication, so I need to handle the logging in in a custom way.
So on the first page I need to display the login form, then when it is submitted I need to verify if credentials are correct (but not log in the user at this phase) then I need to return another view where an iframe is present for the second authentication, and when the second authentication is successful only after that I can login the user and redirect him/her to the desired page.
Is there any way how to do this? I tried to create an extension with a module user and view login.php but it doesn't worked - the User kernel login.php is executed always when http://example.com/marketing/user/login is hit.
I am trying to do this for several days now but no luck and I'm out of ideas.
Thanks in advance for any help.
Welcome to the eZ Community!
What you want / need is both possible and quite simple to implement :)
First based on your description I recommend the following:
https://github.com/brookinsconsulting/bckernelmoduleoverride
Note: We forgot to package and release this extension some time ago but have been using it as part of our open source ezpedia.org code base. We thank you for reminding us and prompting us to package the code for individual usage.
Concerning double authentication we did something similar but actually quite different with this solution:
https://github.com/brookinsconsulting/bcconfirmpassword
Now code sharing aside. You may want to first study the login handler system which provides for many forms of custom user authentication system. https://en.ezpedia.org/en/ez/login_handler
Yet from your description and some intuition on our part it truly sounds like without more information that you very well do need to both override the default user/login module view (what we call a kernel module view copy override; copy the default module and customize the code within an extension module). We have done this -a lot- for special customer use cases and it's not very hard.
Most of the time the hard part is getting all the module and module view identifiers to not conflict once within an module extension and we think that will be less of a problem for you if you simply use / leverage the bckernelmoduleoverride extension which provides for using default kernel modules and module views customized within a module view extension.
Please feel free to ask further questions or share more information about your custom authentication system your trying to integrate. Frames in this day and age sounds like a painful system to be required to implement for a secondary authentication system.
We hope this helps!
Note: This thread is cross posted from: http://share.ez.no/forums/ez-publish-5-platform/ezpublish-5-custom-user-authentication-multifactor
I have built an app using codeigniter which has 3 different member groups
Admininstrators - Who login to a dashboard and have CRUD facilities to Add/Edit/Delete Events, shows and artists
Clients - Who Login from the front end and see all the items that the admin have added via the back end.
Media Partners - Who Login from the front-end and see certain parts of what the client can see but not all things.
I have integrated the Tank_Auth Library for the Clients section which all works fine. What I would like to achieve though is for the administrator to be able to login to a seperate admin area and the media partners to be able to login to a seperate area too.
What is the best way to approach this?
Do I need to create sepearate dashboard controllers for each userbase and duplicate the Tank_Auth controller 3 times and tweak this?
Ideally The Admin users also need to be able to add news users and login to all 3 seperate areas?
Has anybody achieved such a solution before, If so how did you go about it? perhaps tank auth isn't the correct approach?
Any input would be appreciated.
Thanks Dan
I am using CI, but haven't used Tank_Auth, I have my auth class and in every function I have the following method called: $this->auth->accessMap(get_class($this),__FUNCTION__);
In auth class:
public function accessMap($controller_name,$function_name)
{
if ($this->perms_array[$controller_name][$function_name])
return true;
else $this->redir();
}
I have permissions array in config:
$config['user_perms']['className']['method1'] = array($config['user_types']['admin']);
$config['user_perms']['className']['method2'] = array($config['user_types']['admin'],$config['user_types']['user']);
Like this you can specify for each method which user has permission to use it.
I hope this will help.
I can't find the thread on the CI forums because I can't seem to login to their website right now, however do a search for 'zend_acl in codeigniter'. Alternatively there is this blog post about how to implement it, but it is slightly dated.
ACL stands for Access Control List, it will allow you to setup various permissions for different types of users. Zend has one of the best implementations of ACL in my opinion.
More information about ACL's can be found on zend's website.
Absence of user group is a pain when using tank_auth if we have multiple user groups. I ran into this issue recently. Here is the solution posted in CI forms.
Using tank_auth for both front end user registration and login and back end admin login
I'm having a hard time understanding how the CakePHP admin system works.
Should all controllers who has an action which requires login include AuthComponent or just the one who handles the login/logout?
Let's say I want to protect the add action of a controller. First I create admin_add() in the controller and then in the beforeFilter() method I check if $this->Session->check('Auth.User') is set a redirect based on this? Turns out it was better to just controll this with $this->Auth->allow()
What is the easiest way to return to the URL the user was trying to access? Is there a better way than setting a session variable? Turns out it does this automagically :)
If someone has a good tutorial for this I would happily read it :)
I've already read this tutorial but I found it to be a little to basic and the CakePHP-docs are not that great on this topic either.
There is no Cake admin system as such. There is Authentication component and there is Access Control List component. You can use only Authentication component if you wish or you can use both of them. If you want to create your admin system from scratch follow this tutorial. Or you can try already created admin panel - PoundCake Control Panel.
we have created an admin system for cakePHP, works similar to the scaffolding but it's configurable and ready to deploy, check it at http://browniephp.org
You can learn a lot from others codes, specially something like CakePHP Admin plugin at: https://github.com/Maldicore/Admin