Hi. I'm Ben Edmunds. This is Ion Auth.

Documentation


Ion Auth

Ion Auth is a simple and lightweight authentication library for the CodeIgniter framework


Want to learn more? Or just support my work?

I've released a book on Securing PHP Apps. It's now available on Apress:
Learn More / Buy



I've also written a version on Securing Node JS Apps. It's available on Leanpub:
Learn More/ Buy



And here's an ad that helps support my continued work on Ion Auth. These ads bring in about $50/month so it doesn't come close to paying for the time I spend supporting this but every little bit does help. Thanks for visiting.



License

Ion Auth is released under the Apache License v2.0. You can read the license here: http://www.apache.org/licenses/LICENSE-2.0

Installation

  1. Download the latest version: http://github.com/benedmunds/CodeIgniter-Ion-Auth/zipball/2
  2. Copy the files from this package to the correspoding folder in your application folder. For example, copy Ion_auth/config/ion_auth.php to system/application/config/ion_auth.php.
  3. You can also copy the entire directory structure into your third_party/ folder. For example, copy everything to /application/third_party/ion_auth/
  4. Run the appropriate SQL file from the /sql directory.

The default login is:

Upgrading

  1. Download the latest version: http://github.com/benedmunds/CodeIgniter-Ion-Auth/zipball/2
  2. Overwrite "libraries/ion_auth.php" and "models/ion_auth_model.php" with the new versions.

Loading Ion Auth

You load Ion Auth just like any other library:

$this->load->library('ion_auth');

You can also autoload the library.

Configuration Options

Ion Auth is extremely configurable. The following configuration options are available:

Using Config File

To change configuration options simply edit the config/ion_auth.php file.

Config

Edit the ion_auth $config array as needed:


Compatibility with CodeIgniter v2

CodeIgniter v2 requires the class file names to be lowercase. In order to support this follow the standard installation procedures and then either rename the following files or create symlinks: models/Ion_auth_model.php => models/ion_auth_model.php controllers/Auth.php => controllers/auth.php


Class Function Reference

NOTE: Methods available in the model are called through the controller using PHP5 magic. You should never use ion_auth_model->method() in your applications.

login()

Logs the user into the system.

Parameters

  1. 'Identity' - string REQUIRED. Username, email or any unique value in your users table, depending on your configuration.
  2. 'Password' - string REQUIRED.
  3. 'Remember' - boolean OPTIONAL. TRUE sets the user to be remembered if enabled in the configuration.

Return

Usage

		$identity = 'ben.edmunds@gmail.com';
		$password = '12345678';
		$remember = TRUE; // remember the user
		$this->ion_auth->login($identity, $password, $remember);
	

logout()

Logs the user out of the system.

Usage

		$this->ion_auth->logout();
	

register()

Register (create) a new user.

Parameters

  1. 'Identity' - string REQUIRED. This must be the value that uniquely identifies the user when he is registered. If you chose "email" as $config['identity'] in the configuration file, you must put the email of the new user.
  2. 'Password' - string REQUIRED.
  3. 'Email' - string REQUIRED.
  4. 'Additional Data' - multidimensional array OPTIONAL.
  5. 'Group' - array OPTIONAL. If not passed the default group name set in the config will be used.

Return

Usage

		$username = 'benedmunds';
		$password = '12345678';
		$email = 'ben.edmunds@gmail.com';
		$additional_data = array(
								'first_name' => 'Ben',
								'last_name' => 'Edmunds',
								);
		$group = array('1'); // Sets user to admin.

		$this->ion_auth->register($username, $password, $email, $additional_data, $group)
	

create_user()

create_user is an alternate method for register() method.


update()

Update a user.

Parameters

  1. 'Id' - integer REQUIRED.
  2. 'Data' - multidimensional array REQUIRED.

Return

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					'password' => '123456789',
					 );
		$this->ion_auth->update($id, $data)
	

delete_user()

Delete a user.

Parameters

  1. 'Id' - integer REQUIRED.

Return

Usage

		$id = 12;
		$this->ion_auth->delete_user($id)
	

forgotten_password()

Resets a users password by emailing the user a reset code.

Parameters

  1. 'Identity' - string REQUIRED. (as defined in config/ion_auth.php)

Return

Usage

- this example assumes you have 'email' selected as the identity in config/ion_auth.php

		//Working code for this example is in the example Auth controller in the github repo
		function forgot_password()
		{
			$this->form_validation->set_rules('email', 'Email Address', 'required');
			if ($this->form_validation->run() == false) {
				//setup the input
				$this->data['email'] = array('name'    => 'email',
											 'id'      => 'email',
											);
				//set any errors and display the form
				$this->data['message'] = (validation_errors()) ? validation_errors() : $this->session->flashdata('message');
				$this->load->view('auth/forgot_password', $this->data);
			}
			else {
				//run the forgotten password method to email an activation code to the user
				$forgotten = $this->ion_auth->forgotten_password($this->input->post('email'));

				if ($forgotten) { //if there were no errors
					$this->session->set_flashdata('message', $this->ion_auth->messages());
					redirect("auth/login", 'refresh'); //we should display a confirmation page here instead of the login page
				}
				else {
					$this->session->set_flashdata('message', $this->ion_auth->errors());
					redirect("auth/forgot_password", 'refresh');
				}
			}
		}
	

forgotten_password_complete()

Final step of resetting a users password. The user comes to this page from their email.

Parameters

  1. 'Code' - string REQUIRED.

Return

Usage

		//Working code for this example is in the example Auth controller in the github repo
		public function reset_password($code)
		{
			$reset = $this->ion_auth->forgotten_password_complete($code);

			if ($reset) {  //if the reset worked then send them to the login page
				$this->session->set_flashdata('message', $this->ion_auth->messages());
				redirect("auth/login", 'refresh');
			}
			else { //if the reset didnt work then send them back to the forgot password page
				$this->session->set_flashdata('message', $this->ion_auth->errors());
				redirect("auth/forgot_password", 'refresh');
			}
		}
	

logged_in()

Check to see if a user is logged in.

Return

Usage

		if (!$this->ion_auth->logged_in())
		{
			redirect('auth/login');
		}
	

is_admin()

Check to see if the currently logged in user is an admin.

Parameters

  1. 'id' - integer OPTIONAL. If a user id is not passed the id of the currently logged in user will be used.

Return

Usage

		if (!$this->ion_auth->is_admin())
		{
			$this->session->set_flashdata('message', 'You must be an admin to view this page');
			redirect('welcome/index');
		}
	

in_group()

Check to see if the currently logged in user is in the passed in group.

Parameters

  1. 'Group ID or Name' - string, integer or array of strings and integers REQUIRED.
  2. 'User ID' - integer OPTIONAL. If a user id is not passed the id of the currently logged in user will be used.

Return

Usage

		# single group (by name)
		$group = 'gangstas';
		if (!$this->ion_auth->in_group($group))
		{
			$this->session->set_flashdata('message', 'You must be a gangsta to view this page');
			redirect('welcome/index');
		}

		# single group (by id)
		$group = 1;
		if (!$this->ion_auth->in_group($group))
		{
			$this->session->set_flashdata('message', 'You must be part of the group 1 to view this page');
			redirect('welcome/index');
		}

		# multiple groups (by name)
		$group = array('gangstas', 'hoodrats');
		if (!$this->ion_auth->in_group($group))
		{
			$this->session->set_flashdata('message', 'You must be a gangsta OR a hoodrat to view this page');
			redirect('welcome/index');
		}

		# multiple groups (by id)
		$group = array(1, 2);
		if (!$this->ion_auth->in_group($group))
		{
			$this->session->set_flashdata('message', 'You must be a part of group 1 or 2 to view this page');
			redirect('welcome/index');
		}

		# multiple groups (by id and name)
		$group = array('gangstas', 2);
		if (!$this->ion_auth->in_group($group))
		{
			$this->session->set_flashdata('message', 'You must be a part of the gangstas or group 2');
			redirect('welcome/index');
		}
	

username_check()

Check to see if the username is already registered.

Parameters

  1. 'Username' - string REQUIRED.

Return

Usage

		//This is a lame example but it works.  Usually you would use this method with form_validation.
		$username = $this->input->post('username');
		$password = $this->input->post('password');
		$email = $this->input->post('email');
		$additional_data = array(
								'first_name' => $this->input->post('first_name'),
								'last_name' => $this->input->post('last_name'),
								);
		if (!$this->ion_auth->username_check($username))
		{
			$group_name = 'users';
			$this->ion_auth->register($username, $password, $email, $additional_data, $group_name)
		}
	

email_check()

Check to see if the email is already registered.

Parameters

  1. 'Email' - string REQUIRED.

Return

Usage

		//This is a lame example but it works.  Usually you would use this method with form_validation.
		$username = $this->input->post('username');
		$password = $this->input->post('password');
		$email = $this->input->post('email');
		$additional_data = array(
								'first_name' => $this->input->post('first_name'),
								'last_name' => $this->input->post('last_name'),
								);
		if (!$this->ion_auth->email_check($email))
		{
			$group_name = 'users';
			$this->ion_auth->register($username, $password, $email, $additional_data, $group_name)
		}
	

identity_check()

Check to see if the identity is already registered.

Parameters

  1. 'Identity' - string REQUIRED.

Return

Usage

		//This is a lame example but it works.
		$user = $this->ion_auth->user();
		$data = array(
					'identity' => $this->input->post('identity'),
					'first_name' => $this->input->post('first_name'),
					'last_name' => $this->input->post('last_name'),
					 );
		if ($data['identity'] === $user->username || $data['identity'] === $user->email || $this->ion_auth->identity_check($data['identity']) === FALSE)
		{
			$this->ion_auth->update_user($user->id, $data)
		}
	

is_max_login_attempts_exceeded()

If login attempt tracking is enabled, checks to see if the number of failed login attempts for this identity or ip address has been exceeded. The controller must call this method and take any necessary actions. Login attempt limits are not enforced in the library.

Parameters

  1. 'Identity' - string REQUIRED.

Return

Usage

		$identity = 'ben.edmunds@gmail.com';
		if ($this->ion_auth->is_max_login_attempts_exceeded($identity))
		{
			$this->session->set_flashdata('message', 'You have too many login attempts');
			redirect('welcome/index');
		}
	

get_attempts_num()

Returns the number of failed login attempts for this identity or ip address.

Parameters

  1. 'Identity' - string REQUIRED.

Return

Usage

		$identity = 'ben.edmunds@gmail.com';
		$num_attempts = $this->ion_auth->get_attempts_num($identity);
	

increase_login_attempts()

If login attempt tracking is enabled, records another failed login attempt for this identity or ip address. This method is automatically called during the login() method if the login failed.

Parameters

  1. 'Identity' - string REQUIRED.

Usage

		$identity = 'ben.edmunds@gmail.com';
		$password = '12345678';
		if ($this->ion_auth->login($identity, $password) == FALSE) {
			$this->ion_auth->increase_login_attempts($identity)
		}
	

clear_login_attempts()

Clears all failed login attempt records for this identity or this ip address. This method is automatically called during the login() method if the login succeded.

Parameters

  1. 'Identity' - string REQUIRED.

Usage

		$identity = 'ben.edmunds@gmail.com';
		$password = '12345678';
		if ($this->ion_auth->login($identity, $password) == TRUE) {
			$this->ion_auth->clear_login_attempts($identity)
		}
	

user()

Get a user.

Parameters

  1. 'Id' - integer OPTIONAL. If a user id is not passed the id of the currently logged in user will be used.

Return

Usage

		$user = $this->ion_auth->user()->row();
		echo $user->email;
	

users()

Get the users.

Parameters

  1. 'Group IDs' - array OPTIONAL. If an array of group ids are passed (or a single group id) this will return the users in those groups.

Return

Usage

		$users = $this->ion_auth->users()->result();
	

group()

Get a group.

Parameters

  1. 'Id' - integer REQUIRED.

Return

Usage

		$group_id = 2;
		$group = $this->ion_auth->group($group_id);
	

groups()

Get the groups.

Return

Usage

		$groups = $this->ion_auth->groups()->result();
	

messages()

Get messages.

Return

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$messages = $this->ion_auth->messages();
			echo $messages;
		}
		else
		{
			$errors = $this->ion_auth->errors();
			echo $errors;
		}
	

messages_array()

Get messages as an array.

Return

Parameters

  1. 'Langify' - boolean OPTIONAL. TRUE means that the messages will be langified.

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$messages = $this->ion_auth->messages_array();
			foreach ($messages as $message)
			{
				echo $message;
			}
		}
		else
		{
			$errors = $this->ion_auth->errors_array();
			foreach ($errors as $error)
			{
				echo $error;
			}
		}
	

get_users_groups()

Get all groups a user is part of.

Parameters

  1. 'Id' - integer OPTIONAL. If a user id is not passed the id of the currently logged in user will be used.

Return

Usage

		$user_groups = $this->ion_auth->get_users_groups($user->id)->result();
	

add_to_group()

Add user to group

Parameters

  1. 'Group_id' - integer or array REQUIRED.
  2. 'User_id' - integer REQUIRED.

Return

Usage

        // pass an array of group ID's and user ID
        $this->ion_auth->add_to_group(array('1', '3', '6'), $user_id);

        // pass a single ID and user ID
        $this->ion_auth->add_to_group(1, $user_id);
	

remove_from_group()

Remove user from group(s)

Parameters

  1. 'Group_id' - NULL, integer or array REQUIRED. NULL will remove the user from all groups.
  2. 'User_id' - integer REQUIRED.

Return

Usage

        // pass an array of group ID's and user ID
        $this->ion_auth->remove_from_group(array('1', '3', '6'), $user_id);

        // pass a single ID and user ID
        $this->ion_auth->remove_from_group(1, $user_id);

        // pass NULL to remove user from all groups
        $this->ion_auth->remove_from_group(NULL, $user_id);
	

create_group()

Create a group

Parameters

  1. 'group_name' - string REQUIRED.
  2. 'group_description' - string.

Return

Usage

        // pass the right arguments and it's done
        $group = $this->ion_auth->create_group('new_test_group', 'This is a test description');

        if(!$group)
        {
        	$view_errors = $this->ion_auth->messages();
      	}
      	else
      	{
      		$new_group_id = $group;
      		// do more cool stuff
      	}
	

update_group()

Update details of a group

Parameters

  1. 'group_id' - int REQUIRED.
  2. 'group_name' - string REQUIRED.
  3. 'group_description' - string.

Return

Usage

				// source these things from anywhere you like (eg., a form)
				$group_id = 2;
				$group_name = 'test_group_changed_name';
				$group_description = 'I changed the name yay';

        // pass the right arguments and it's done
        $group_update = $this->ion_auth->update_group($group_id, $group_name, $group_description);

        if(!$group_update)
        {
        	$view_errors = $this->ion_auth->messages();
      	}
      	else
      	{
      		// do more cool stuff
      	}
	

delete_group()

Remove a group. Removes the group details from the configured 'groups' table. Users belonging to the group are stripped of this status (references to this group are removed from users_groups), but user data itself remains untouched.

Parameters

  1. 'group_id' - int REQUIRED.

Return

Usage

				// source this from anywhere you like (eg., a form)
				$group_id = 2;

        // pass the right arguments and it's done
        $group_delete = $this->ion_auth->delete_group($group_id);

        if(!$group_delete)
        {
        	$view_errors = $this->ion_auth->messages();
      	}
      	else
      	{
      		// do more cool stuff
      	}
	

set_message_delimiters()

Set the message delimiters.

Parameters

  1. 'Start Delimiter' - string REQUIRED.
  2. 'End Delimiter' - string REQUIRED.

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$this->ion_auth->set_message_delimiters('<p><strong>','</strong></p>');
			$messages = $this->ion_auth->messages();
			echo $messages;
		}
		else
		{
			$this->ion_auth->set_error_delimiters('<p><strong>','</strong></p>');
			$errors = $this->ion_auth->errors();
			echo $errors;
		}
	

errors()

Get the errors.

Return

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$messages = $this->ion_auth->messages();
			echo $messages;
		}
		else
		{
			$errors = $this->ion_auth->errors();
			echo $errors;
		}
	

errors_array()

Get error messages as an array.

Return

Parameters

  1. 'Langify' - boolean OPTIONAL. TRUE means that the error messages will be langified.

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$messages = $this->ion_auth->messages_array();
			foreach ($messages as $message)
			{
				echo $message;
			}
		}
		else
		{
			$errors = $this->ion_auth->errors_array();
			foreach ($errors as $error)
			{
				echo $error;
			}
		}
	

set_error_delimiters()

Set the error delimiters.

Parameters

  1. 'Start Delimiter' - string REQUIRED.
  2. 'End Delimiter' - string REQUIRED.

Usage

		$id = 12;
		$data = array(
					'first_name' => 'Ben',
					'last_name' => 'Edmunds',
					 );
		if ($this->ion_auth->update_user($id, $data))
		{
			$this->ion_auth->set_message_delimiters('<p><strong>','</strong></p>');
			$messages = $this->ion_auth->messages();
			echo $messages;
		}
		else
		{
			$this->ion_auth->set_error_delimiters('<p><strong>','</strong></p>');
			$errors = $this->ion_auth->errors();
			echo $errors;
		}
	

set_hook()

Set a single or multiple functions to be called when trigged by trigger_events(). See an example here: http://gist.github.com/657de89b26decda2b2fa

Parameters

  1. 'Event' - string REQUIRED.
  2. 'Name' - string REQUIRED.
  3. 'Class' - string REQUIRED.
  4. 'Method' - string REQUIRED.
  5. 'Arguments' - Array OPTIONAL.

Usage

	class Accounts extends CI_Controller {

    public function __construct()
    {
      parent::__construct();

			/*
      	make sure we loaded ion_auth2
        The following does not need to go in __construct() it just needs to be set before
        you trigger_events().
      */
      $event = 'socialpush';
      $class = 'Accounts';
      $args = array('this is the content of the message', 'billy');

      $name = 'activate_sendmail';
      $method = 'email';
      $this->ion_auth->set_hook($event, $name, $class, $method, $args);
      $name = 'call_Twitter';
      $method = 'twitter';
      $this->ion_auth->set_hook($event, $name, $class, $method, $args);
      $name = 'call_MailChimp_API';
      $method = 'mailchimp';
      $this->ion_auth->set_hook($event, $name, $class, $method, $args);
      $name = 'call_Facebook_API';
      $method = 'facebook';
      $this->ion_auth->set_hook($event, $name, $class, $method, $args);
      $name = 'call_gPlus_API';
      $method = 'gplus';
      $this->ion_auth->set_hook($event, $name, $class, $method, $args);
    }

    public function Post_Message($one)
    {
      $this->ion_auth->trigger_events('socialpush');
    }
    public function email($content, $who)
    {
    	return true;
    }
    public function twitter($content, $who)
    {
      return true;
    }
    public function mailchimp($content, $who)
    {
    	return true;
    }
    public function facebook($content, $who)
    {
    	return true;
    }
    public function gplus($content, $who)
    {
    	return true;
    }
  }
	

trigger_events()

Call Additional functions to run that were registered with set_hook().

Parameters

  1. 'Name' - String or Array REQUIRED.

Usage

	 $this->ion_auth->trigger_events('socialpush');
	

And here's an yet another ad. These ads bring in about $50/month so it doesn't come close to paying for the time I spend supporting Ion Auth but every little bit does help. Thanks for visiting.