Auth

Brain’s Auth class is more or less a port of Community Auth’s core authentication, but significantly improved and refactored. Brain’s Auth requires PHP 5.5.0 or higher, unless you use a compatibility script like Anthony Ferrara’s password_compat. That said, much of the cool example application that came with Community Auth has been stripped out, because most applications require customization that makes providing examples a waste of time. Brain just provides a very solid authentication class with the following features:

  • Login
  • Maximum failed login attempts detection and lockdown
  • Username and password recovery
  • Brute force detection and lockdown
  • Strong password enforcement

Config

Auth is configured in the config/auth.php file. The options are fairly self-explanatory, and most mirror those of Community Auth.

Basic Views

Basic views have been provided for the five fundamental authentication pages. These views are listed in the auth config file, and when you create your own custom views, you will just replace the route of the basic view with that of your new one. The basic views are:

  • Login form – form to attempt login
  • Login page – destination once logged in
  • Recovery form – input email address
  • Recovery form #2 – change password
  • Logout page – destination upon logout

Basic Usage

// Force a person of any level or type to be logged in
if( Auth::check() )
{
  // Do stuff for person logged in ...
}

/**
 * Check if person of any level or type 
 * is logged in when login is optional
 */
if( Auth::check( FALSE ) )
{
  // Do stuff for person logged in ...
}

/**
 * Check that the user is at a level or in (roles|groups), and if login
 * is mandatory, present the login form.
 */

// Check if a person of role type "user" is logged in
if( Auth::check_is('user') )
{
  // Do stuff for user logged in ...
}

// Forces user of role type "admin" to be logged in
if( Auth::check_is('admin') )
{
  // Do stuff for admin logged in ...
}

// Forces user of level 1 or higher to be logged in
if( Auth::check_is( 1, 'level' ) )
{
  // Do stuff for user level 1 or higher logged in ...
}

// Forces user of staff group to be logged in
if( Auth::check_is( 'staff', 'groups' ) )
{
  // Do stuff for staff group member logged in ...
}

// Log the person out
Auth::logout();