SimpleLoginSecure
Name: SimpleLoginSecure 1.0
Download: File:SimpleLoginSecure-1.0.zip
Released: October 3, 2008
CI Version: Tested with CodeIgniter 1.6.3
Author: [url=http://dunae.ca]Alex Dunae[/url]
SimpleLoginSecure for CodeIgniter is a modified version of [url=http://codeigniter.com/wiki/Simplelogin/]Anthony Graddy’s Simplelogin library[/url]. In Anthony’s words:
[quote]Simplelogin is designed to give you a quick and simple login library that will get you up and running with an unobtrusive authorization system very quickly. It does not try to guess how you want to structure your app, it simply tries to give you a little help.[/quote]
There are three primary modifications to Anthony’s original code. Most importantly, SimpleLoginSecure uses the [url=http://www.openwall.com/phpass/]phpass framework[/url] for secure, portable password hashing instead of straight [em]md5[/em] without a salt. Secondly, SimpleLoginSecure uses an e-mail address instead of a user name as the login key. And finally, it adds [em]user_date[/em], [em]user_modified[/em] and [em]user_last_login[/em] date/time fields to the default install.
For more information on why [em]md5[/em] hashing is not enough, see the excellent post about [url=http://www.matasano.com/log/958/enough-with-the-rainbow-tables-what-you-need-to-know-about-secure-password-schemes/]password schemes on the Matasano Security blog[/url].
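The difference between unsalted md5 and phpass, shown side by side as an added example (this is not code from SimpleLoginSecure or from phpass). It assumes phpass 0.1 is unpacked beside the script as phpass-0.1/PasswordHash.php on a PHP version that release supports; the two accounts and the constructor arguments are choices made for this example.

```php
<?php
// Added example, not part of SimpleLoginSecure. Assumes phpass 0.1 is unpacked
// next to this script as phpass-0.1/PasswordHash.php.
require_once dirname(__FILE__) . '/phpass-0.1/PasswordHash.php';

// Constructed sample accounts: two users who picked the same password.
$accounts = array(
    'alice@example.com' => 'uS$rpass!',
    'bob@example.com'   => 'uS$rpass!',
);

// Weak scheme: unsalted md5. Identical passwords give identical digests,
// so one precomputed-table hit exposes every account sharing that password.
$md5_rows = array();
foreach ($accounts as $email => $password) {
    $md5_rows[$email] = md5($password);
}
echo "md5 digests identical: ";
var_dump($md5_rows['alice@example.com'] === $md5_rows['bob@example.com']);

// phpass: 8 = log2 of the iteration count, false = prefer the strongest
// hash this PHP build supports over the portable format (both values are
// this example's choices).
$hasher = new PasswordHash(8, false);

$phpass_rows = array();
foreach ($accounts as $email => $password) {
    $hash = $hasher->HashPassword($password);
    // HashPassword() returns '*' on failure; a usable hash is at least 20 chars.
    if (strlen($hash) < 20) {
        die("hashing failed for $email\n");
    }
    $phpass_rows[$email] = $hash;
}

// A random salt is generated per hash, so equal passwords store differently.
echo "phpass hashes identical: ";
var_dump($phpass_rows['alice@example.com'] === $phpass_rows['bob@example.com']);

// Verification re-derives the hash using the salt embedded in the stored value.
echo "correct password accepted: ";
var_dump($hasher->CheckPassword('uS$rpass!', $phpass_rows['alice@example.com']));
echo "wrong password accepted: ";
var_dump($hasher->CheckPassword('wrong-guess', $phpass_rows['alice@example.com']));
```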
Copy [em]SimpleLoginSecure.php[/em] and the entire [em]phpass-0.1[/em] directory to your [em]system/application/libraries[/em] directory.
Create your database table using the following SQL sample. You can also edit the hash length and portability constants at the top of [em]SimpleLoginSecure.php[/em].
The methods exposed by SimpleLoginSecure are identical to those of Simplelogin.
[code]// load the library
$this->load->library('SimpleLoginSecure');

// create a new user
$this->simpleloginsecure->create('[email protected]', 'uS$rpass!');

// attempt to login
if($this->simpleloginsecure->login('[email protected]', 'uS$rpass!')) {
    // success
}

// check if logged in
if($this->session->userdata('logged_in')) {
    // logged in
}

// logout
$this->simpleloginsecure->logout();

// delete by user ID
$this->simpleloginsecure->delete($user_id);[/code]
The original Simplelogin library was written by Anthony Graddy. SimpleLoginSecure was written by [url=http://dunae.ca]Alex Dunae[/url], 2008.