Having finished the registration process, I realized I needed some way to keep people logged in, let them log in, log out, retrieve their password, possibly have some kind of email validation, etc. All sorts of things. I started looking through the CodeIgniter user guide and about they closest things they have is the session library. While you could use it to track if a user is logged in, that’s about the extent of the value it would provide to you.
At first I looked for ways that I might be able to at least run checks on pages to see if a user is logged in or not. It turns out that’s not terribly difficult (once you figure out how to do it). You need to create your own authentication controller for use with pages where you want to check if the user is logged in. Cool, that works. I could throw the log in/log out functionality in easily enough, but resetting passwords and validating email addresses would be a whole different matter.
That’s when I decided that I should start looking for a user-contributed authentication library. The CodeIgniter Wiki has a nice list of them. As I started looking through them and all their various features I realized I should come up with a list of the features that I needed to have. Here’s what I was looking for in a library:
- Good coding practices
- Good documentation
- Small number of files
- Database implementation that’s not complex
- Login using username or email address
- Emails for lost passwords
- Automatic login
- Hashing of passwords
- Maximum number of failed login attempts
- Emails for activation (nice to have)
- reCAPTCHA support (nice to have)
Not too harsh, right? Unfortunately most of the libraries ended up being too large, too simple, or completely lacking in documentation. It was hard to find a library that fit somewhere in the middle. I did find one library that might meet all of my requirements, and if not, it’s awfully close: Redux 2 (beta). It has all of the functionality I want, it doesn’t contain a crazy number of files, the database is simple and well thought out, there’s a complete sample application that makes use of the library, and more. I’m going to give it a try and comment in my next post on how well it works.
I should also mention in the course of my search I came across an excellent post on Stack Overflow regarding authentication libraries for CodeIgniter. There’s a lot of great discussion on that page and Redux was also listed there as being one of the better solutions available.