I use datamapper with all my CI web apps so didn’t want to use one of the existing auth library’s also I am interested in improving my skills so decided to build one myself.
Basically I am looking for somebody to look over my code and see if I have missed anything and also offer improvement advice. You are also free to use it.
It uses the datamapper example login_manager library as its core but I have added functionality to handle the following:
Forgotten passwords: Password_reset controller. User enters their registered email address and if the user exists a new random password is generated and sent to the email address.
User registration and activation: registration controller. The user registers by entering their details. A conformation email is sent to user with a link back to the registration/activate function containing an activation code if the code matches the user is activated. Also checks if the user has previously activated their account.
Existing users can change their passwords: update_password controller.
Login remember me functionality added to the library.
Both front end and an admin login page.
Database includes the following tables: users, user_profiles, user_types
I think I have covered all the basics for a login/ basic auth system.
I have included my full CI installation and an sql file to recreate the database. There is no styling or anything with this just plain views to be styled anyway you want.
Both users, andy91 and andy78 both have the password test1234.
Take a look and let me know if I have left any gaping security holes.