标签云

微信群

扫码加入我们

WeChat QR Code

I see there are a few. Which ones are maintained and easy to use? What are their pros and cons?


If you are still interested, look at Tank Auth. I just updated my post below after reviewing it, and it is excellent.

2018年07月18日03分37秒

Thanks for the update! This will be valuable information for visitors to this question in the future, so I changed the accepted answer.

2018年07月17日03分37秒

Why the sudden close? It seems to fit very well with the six subjective question guidelines.

2018年07月17日03分37秒

Nominated for reopening. Answered a question which I had (what authentication systems in CI are worth looking at) perfectly.

2018年07月17日03分37秒

Agreed with BrianOrtiz and Cruachan: Why close? Good question, and great answers.

2018年07月17日03分37秒

I am still on it, ran into a nasty architecture problem and had to choose between hacking together a quick workaround (that would work just fine but suffer from tight coupling), or sit back and think hard about how to do it right. I chose the latter option, and still haven't cracked it :D

2018年07月17日03分37秒

Jens, you might want to look at Tank Auth which seems to have been created in response to your (excellent) post: codeigniter.com/forums/viewthread/110993

2018年07月18日03分37秒

Can you update this post and compare with Ion-Auth (derived from dx-auth)? It seems like ion-auth is more up to date and active then tank-auth at this point in time. I want to know from a security perspective if it is as good as Tank-auth or not, because it has some additional features that might be useful.

2018年07月17日03分37秒

All these libraries use mysql.. however I use MongoDb which is a noSql database. Is there a library which works with MoongoDB? I tried converting one of the libraries above to insert into MongoDB instead of MySql but it is getting too complex and would like to know a library which already does this

2018年07月17日03分37秒

Lykos: Sure -- User data would be auth-specific data such as UserID, UserName, Email, PasswordHash, LastLoginTime, etc. Profile data should be stored in a separate DB table and could be anything, depending on the specific application. This could include things like birthday, gender, hometown, reputation score, etc. This way, the application developers can modify the ProfileData table in any way they like, without having to worry about the auth system suddenly breaking.

2018年07月18日03分37秒

Ah, see, that's really good to know - nice to have all aspects in one library, keeps it all simple and functional. Will have to look into Ion_Auth just for that reason! Thanks Burton!

2018年07月17日03分37秒

That is a good point, of course, and role management (authorization in general) is central part of many sites, closely tied to the authentication system. Still, I will choose a secure authentication system with simplistic or nonexisting role management over a vulnerable authentication system with advanced built-in role management any day.

2018年07月18日03分37秒

Ion_Auth works nicely with CI 2.1, and DataMapper ORM

2018年07月17日03分37秒

Ion Auth works fine for me too, has everything I need and nothing I don't (like secret questions and the likes).

2018年07月17日03分37秒

Ion Auth looks like the current leader in terms of usage, features and light-weight-ness.

2018年07月17日03分37秒

I have tried both Tank Auth and Ion Auth and I can say that Tank Auth code is much more cleaner, easier to understand and easier to extend than Ion Auth. On the other side Ion Auth supports 'roles'.

2018年07月17日03分37秒

Oh hi Mathew - and thanks for taking the time to answer my post. The beta sounds very interesting - as I'm sure you noticed, Redux already came closest to getting it all right in my round-up, so I'll be looking into it right away.

2018年07月17日03分37秒

Just had a quick glance at the CI Forum thread and the roadmap. Looking good - with respect to the 'dynamic' salts, I recommend concatenating (reg. date) . (config file hash key) . (code or password) to thwart rainbow tables and brute force on a stolen database

2018年07月18日03分37秒

Also, I have some thoughts on auth best practices (stackoverflow.com/questions/549/…) and botnet throttling (stackoverflow.com/questions/479233/…) you might want to run over

2018年07月18日03分37秒

does the current version support the latest version of Code Igniter? It seems like there hasn't been an update in very long. Otherwise I like it.

2018年07月18日03分37秒

I'm using Redux with the latest CI version in a production site. It's very lightweight, just like CI and very customizable.

1970年01月01日00分03秒

Redux is longer maintained, see this discussion. codeigniter.com/forums/viewthread/145342

2018年07月18日03分37秒

Ion Auth is based on Redux Auth 2, and it's the one that I would use. PyroCMS uses it too. github.com/benedmunds/CodeIgniter-Ion-Auth

2018年07月17日03分37秒