Simple Verification
Community Auth’s verification methods check if a user is logged in, but the user won’t get redirected to a login form if they are not logged in. This is the main difference between the methods below and Enforcing Authentication.
Only use 1 authentication method per request! See the following blog post for more information: How Not to Use Authentication Methods
Check if User Logged In
Most of the time, if you have a page that does not require login, but want to show a logout link or other information specific to a logged in user, you will use the following in the appropriate method of your controller:
$this->is_logged_in();
Calling is_logged_in() loads the authentication variables. Please note: the authentication variables will be set when enforcing authentication. You don’t need to call is_logged_in() if you are already using require_role(), require_min_level(), etc.
Also note: If you have set “cookie_secure” to TRUE in config/config.php, is_logged_in() will never return anything on a standard HTTP page. You can still see if somebody is logged in by checking if certain variables or config items are set.
Verify a Minimum Auth Level
The is_logged_in() method from above is actually an alias for Auth_Controller->verify_min_level(0). If instead of checking if anyone is logged in you instead want to check if a user with a auth level greater than or equal to 6 is logged in, then you do this:
if( $this->verify_min_level(6) )
{
// User with level 6 or greater can see this ...
}
The important thing to note here is that verify_min_level is not going to redirect a person to the login form if they are not logged in. We are simply checking to see if they are. Also, if the user is not level 6 or greater, they are logged out!
Verify a Role
If you want to verify that a specific user role is logged in:
if( $this->verify_role('admin') )
{
// Admin can see this ...
}
You could also check for more than one role:
if( $this->verify_role('admin,manager') )
{
// Admin or manager can see this ...
}
Notice that “admin,manager” is just a comma delimited string (not an array).
Verify a Role After Simple Verification
After you have done a simple verification using one of the methods above, you may have a case where you don’t know the role, if for instance you verified admin and managers. We can find the true role of the logged in user as follows:
if( $this->verify_role('admin,manager') )
{
// Admin or manager can see this ...
if( $this->is_role('admin') )
{
// Only admin can see this ...
}
}
Or we can use the auth_role class member:
if( $this->verify_role('admin,manager') )
{
// Admin or manager can see this ...
if( $this->auth_role == 'admin' )
{
// Only admin can see this ...
}
}