Documentation

This page serves as an overview of Community Auth. By reading this page, you should have a general understanding of the purpose of the files distributed with Community Auth.

Community Auth is a CodeIgniter Package

CodeIgniter added third party package functionality in version 2, and it allows for distribution of a set of config files, libraries, drivers, models, helpers, and views. It does not, however, allow for core extensions, controllers, and hooks to be implemented without moving them into the corresponding application sub-directories. See below for a brief description of the files distributed with Community Auth.

/config

  • /form_validation/login.php
  • /authentication.php
  • /db_tables.php

The form validation file is a CodeIgniter form validation rule set for login attempts.

Community Auth’s main config file is authentication.php.

The db_tables.php file references the tables that are used in Community Auth.

/libraries

  • /Session/MY_Session.php
  • /Authentication.php
  • /MY_Encryption.php
  • /Tokens.php

MY_Session extends CodeIgniter’s session class so that a user can select a persistent session, a.k.a. “Remember Me”.

Authentication.php is Community Auth’s main library.

MY_Encryption.php extends CodeIgniter’s encryption class allowing for easy switching between encryption settings that Community Auth uses, and whatever you normally use in your application.

Tokens.php is a library that provides an array of CSRF type tokens, but is more flexible.

/models

  • /Auth_model.php
  • /Examples_model.php
  • /Validation_callables.php

Auth_model.php handles logins, including login errors and writing denials to .htaccess. You will most likely replace or greatly revise this model for use in your application.

Examples_model.php handles user account recovery. You will most likely replace or greatly revise this model for use in your application.

Validation_callables.php is a place where Community Auth has stored an external form validation callback. The sole callback in this file is a password strength checker.

/helpers

  • /MY_form_helper.php
  • /auth_helper.php
  • /serialization_helper.php

MY_form_helper.php alters the function that creates the form opening tag so that the Tokens library injects its token as a hidden form field. It also handles modifying the action if site uses SSL.

auth_helper.php has functions to help you determine if a certain role is logged in, and also if a logged in user has specific ACL permissions.

A serialization helper offers a function to check if something is serialized, as well as offering some legacy CodeIgniter functions for serialization and unserialization.

/views

  • /examples/ajax_login_form.php
  • /examples/choose_password_form.php
  • /examples/login_form.php
  • /examples/recover_form.php
  • /examples/page_header.php
  • /examples/page_footer.php

The views provided with Community Auth are simple examples for login and account recovery. These are just examples, so please create your own by using them as a reference.

/core

  • /Auth_Controller.php
  • /MY_Controller.php
  • /MY_Input.php
  • /MY_Model.php

Auth_Controller.php holds the main methods used to verify or require authentication in your controllers.

MY_Controller.php is a base controller extending Auth Controller. Your controllers will extend MY_Controller.

MY_Input.php extends CodeIgniter’s input class for easier usage and encryption of cookies.

MY_Model.php is a base model extending CI_Model. The methods it contains are called directly or indirectly when checking if a logged in user is a specific role, and if a logged in user has specific ACL permissions.

/controllers

  • /Crons.php
  • /Examples.php
  • /Key_creator.php

The Crons controller is an optional controller, currently allowing for auth sessions garbage collection via cron job.

The Examples controller contains some super basic examples to get you up and running. Because it holds the essential login method, logout action, and actions for account recovery, you will end up creating suitable methods to replace them in one of your own controllers. You will absolutely delete this file before your site goes to production.

The Key_creator controller is a utility for quick creation of CodeIgniter’s encryption key during Community Auth installation. Only accessible if no encrpytion key is currently set in config/config.php.

/hooks

  • /auth_constants.php
  • /auth_sess_check.php

The auth_constants.php hook defines authentication related constants that can be used anywhere in your application. It’s loaded as a pre-system hook so that the login page is accessible in the routes configuration.

The auth_sess_check.php hook handles session regeneration for user records when no auth related functions were called during the execution of a request. Without this hook, if the session is regenerated on a page calling no auth functions, the session will drop on the next request.

/public_root

  • /.htaccess

An .htaccess file is provided for use with Community Auth’s deny access feature.

/sh

  • /.development_install.sh
  • /.install.sh
  • /.optional_fast_install.sh

The .development_install.sh file creates a complete development environment by cloning the Community Auth repository, downloading and extracting CodeIgniter, creating a database, and configuring CodeIgniter.

A simple shell script for linux or mac users is provided (.install.sh). This executable file copies files from the package to the corresponding application sub-directories during installation of Community Auth. There is no requirement to use it.

The .optional_fast_install.sh file is able to download both CodeIgniter and Community Auth, extract them, and set up the files as if you had run .install.sh.

Read more about these shell script installers here: The Shell Script Installers

/sql

  • /install.sql

An SQL file is provided for the intention of setting up your database for use with Community Auth.