The auth extension can be used to authenticate and authorize users. After downloading the extension, add the file inside the extensions folder and import the SQL file into your database.
If imported correctly, you should now have the following tables inside your database.
The users table is used for, among other things, storing, updating, listing and deleting user data. Immediately after import, the users table should not contain any rows.
id | username | password | created_at | updated_at | role_id | |
---|---|---|---|---|---|---|
- | - | - | - | - | - | - |
- | - | - | - | - | - | - |
The roles table can be used for, among other things, authorization and listing role types.
id | name |
---|---|
1 | admin |
Authentication is based on either a username and password or an email and password. The passwords should be stored hashed, which can be done with PHP's `password_hash` function. Otherwise authentication will fail no matter what.
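As an added example (not the extension's own code): creating a user row whose password column holds a `password_hash` digest, and showing that a plaintext value in that column never verifies. The in-memory SQLite schema is a constructed stand-in for the imported tables, `createUser` and `passwordMatches` are hypothetical helpers, and that the extension checks passwords with `password_verify` is an assumption.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the imported tables (column types are assumptions);
// in a real install, connect to the database that holds the imported SQL instead.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE roles (id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$pdo->exec('CREATE TABLE users (
    id INTEGER PRIMARY KEY,
    username TEXT NOT NULL UNIQUE,
    password TEXT NOT NULL,
    created_at TEXT,
    updated_at TEXT,
    role_id INTEGER REFERENCES roles(id)
)');
$pdo->exec("INSERT INTO roles (id, name) VALUES (1, 'admin')");

/** Hypothetical helper: store a user with a password_hash() digest. */
function createUser(PDO $pdo, string $username, string $plain, int $roleId): void
{
    // PASSWORD_DEFAULT selects PHP's current default algorithm and a random salt.
    $hash = password_hash($plain, PASSWORD_DEFAULT);
    $now  = date('Y-m-d H:i:s');
    $stmt = $pdo->prepare(
        'INSERT INTO users (username, password, created_at, updated_at, role_id)
         VALUES (:u, :p, :c, :m, :r)'
    );
    $stmt->execute([':u' => $username, ':p' => $hash, ':c' => $now, ':m' => $now, ':r' => $roleId]);
}

/** Hypothetical helper: check a submitted password against the stored hash. */
function passwordMatches(PDO $pdo, string $username, string $plain): bool
{
    $stmt = $pdo->prepare('SELECT password FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $stored = $stmt->fetchColumn();
    // A plaintext or otherwise non-password_hash value never verifies.
    return is_string($stored) && password_verify($plain, $stored);
}

createUser($pdo, 'alice', 'constructed-sample-passphrase', 1);
var_dump(passwordMatches($pdo, 'alice', 'constructed-sample-passphrase')); // correct password
var_dump(passwordMatches($pdo, 'alice', 'wrong-guess'));                   // wrong password

// A row whose password column holds plaintext fails even with the matching input.
$pdo->exec("INSERT INTO users (username, password, role_id) VALUES ('bob', 'plaintext-pw', 1)");
var_dump(passwordMatches($pdo, 'bob', 'plaintext-pw'));
```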
After a successful authentication, multiple session values will be set: `logged_in`, `username` and `user_role`. These can be used to build functionality that depends on the authenticated user. After a failed login attempt, the session value `failed_login_attempt` will be set. After more than 3 failed login attempts, another session value will be set, named `failed_login_attempts_timestamp`. While it is set, users are locked out of authenticating for 300 seconds (5 minutes). During this timeout, authentication will also fail.
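```php
<?php
namespace app\controllers;

use extensions\Auth;

class ExampleController extends Controller {

    public function example() {
        // $request is assumed to hold the submitted username;
        // how it is read from the request is not shown here.
        if (Auth::success(['username' => $request]) === true) {
            /**
             * Authentication is successful
             */
        }
    }
}
```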
Add a second argument as an associative array where the key is 'role' and the value is the preferred role type.
```php
<?php
namespace app\controllers;

use extensions\Auth;

class ExampleController extends Controller {

    public function example() {
        // $request is assumed to hold the submitted email address;
        // the second argument names the role type.
        if (Auth::success(['email' => $request], ['role' => 'admin']) === true) {
            /**
             * Authentication is successful
             */
        }
    }
}
```