Responsible for authentication and authentication of users into the system
$user : null
This will hold the currently logged in user, this is loaded each time this class is loaded.
This variable is not meant to hold the current user through sessions because of how codeigniter works with libraries, That is , this class loaded with every request, meaning this variable is reset with every request. thats where session comes into play.
Session will hold the user identifier only, and this variable is loaded with each request
authorize(string $username, string $password, boolean|TRUE $user_back = TRUE) : mixed
Determines if user has rights to access the system but does not log the in.
useful when authorizing in an enviroment that does not have sessions like mobile api.
To authorize a user using username and password.
$user = $this->auth->authorize($username, $password);| string | $username | the username |
| string | $password | the password |
| boolean|TRUE | $user_back | if true, returns the authorized user on success, if false returns boolean true on success. |
login(string $username, string $password, boolean|FALSE $remember = FALSE) : boolean
Logs the user in and setsup the necessary session data.
To log in a user using username and password.
$user = $this->auth->login($username, $password);| string | $username | |
| string | $password | |
| boolean|FALSE | $remember |
require_login(string $route = NULL)
Ensure that is able to access a controller only if the are logged in,
call this method inside a controller method to make sure the method is only accessed by logged in users call this method inside a controller constructor to make the whole controller require login
$this->auth->require_login();| string | $route | the route to redirect to if user is not authenticated |
require_perm(string $permissions, string $route = NULL)
Ensure that is able to access a controller only if the are logged in,
call this method inside a controller method to make sure the method is only accessed by logged in users call this method inside a controller constructor to make the whole controller require login
$this->auth->require_login();| string | $permissions | the permission to check for. |
| string | $route | (optional)the route to redirect to if user is not authenticated |
has_role(\(array|\string) $check_roles) : boolean
Checks if the user has the provide roles, if an array is provide it checks if a user has any one of the roles in the array
Returns false if user is not authenticated or does not have the required roles
To check if user has entrepreneur, investor, admin
$this->auth->has_role(array('entrepreneur', 'investor', 'admin')));To check for one role
$this->auth->has_role('admin');| \(array|\string) | $check_roles | (array|string) |
has_perms(array $perms) : boolean
Checks if the user has all the passed in permissions.
To check if user has permission, can_edit, can_delete
$this->auth->has_perm(['can_edit', 'can_delete']);| array | $perms | a list of permissions. |
password_change(string $old_password, string $new_password, string $new_password_repeat) : boolean|mixed
Allows currently authenticated users to change there passwords. and returns the new password hashed.
$pass = $this->auth->password_change($password_old, $password_new, $password_repeat_new);| string | $old_password | the users old password. |
| string | $new_password | the new password |
| string | $new_password_repeat | the new password repeated |
returns false if user is not able to change password, or the hash new password if they are able