Jelly-rauth is a project mainly written in PHP, it's free.
A simplified Kohana 3 authentication library for Jelly modelling system
The Kohana 3 authentication library for Jelly modelling system. It is based on the strongly rebuilt Jelly-Auth driver by raeldc.
Main differences
Basic way It is about using only one auth profile. Your user model will be Model_User, feel free to enrich its functionality (copy it from MODPATH/jelly-rauth/classes/model/user.php to APPPATH/jelly-rauth/classes/model/user.php and extend).
Advanced way
Sometimes you feel some hesitancy when, for example, need admin password to be hashed strongly, and user password need not, or want to check admin in the database repeatedly, but for users it is not critical and can overload database. With Jelly-rAuth you can create different auth profiles, like independent 'restricted access areas' -- one for users and another for administrators, for example.
Be sure to plug-in Jelly modelling system in bootstrap.php
Plug-in jelly-rauth module in bootstrap.php
Go to config/rauth.php and set up profiles, like below. Please be sure to set different session keys and (if use) autologin cookies. 'model_name' should be set without Jelly model prefix ('Model_')
return array
(
'user' => array(
// user model name without model prefix, 'user' by default
'model_name' => 'user',
'hash_method' => 'md5',
'salt_pattern' => '1, 3, 6, 9, 12, 15',
'lifetime' => 1209600,
'session_key' => 'rauth_user',
// autologin cookie name
'autologin_cookie' => 'user_autologin',
// should user status be checked from DB at every instance, set TRUE for better security, but that adds load for DB too
'strong_check' => FALSE,
),
'admin' => array(
// user model name without model prefix, 'user' by default
'model_name' => 'admin',
'hash_method' => 'sha1',
'salt_pattern' => '2, 5, 8, 11, 14, 17, 20, 29',
'lifetime' => 1209600,
'session_key' => 'rauth_admin',
// autologin cookie name
'autologin_cookie' => 'admin_autologin',
// should user status be checked from DB at every instance, set TRUE for better security, but that adds load for DB too
'strong_check' => TRUE,
),
);Create the database structure, you can take jelly-rauth-schema.sql as example. If want to use autologins, create a corresponding number of token tables, for our config they should be 'user_tokens' and 'admin_tokens', by model names. If change field names, be sure to modify corresponding Jelly models.
There should be a model extending Model_Rauth_User for every config entry. In our case, Model_User is presented by default, you should manually create Model_Admin (and adjust it to your needs) like
class Model_Admin extends Model_Rauth_User
{
public static function initialize(Jelly_Meta $meta)
{
$meta->fields(array(
'email' => new Field_Email(array(
'label' => __('E-mail'),
)),
));
parent::initialize($meta);
}
}Tokens should also have their own models (named like Model_$config['model_name']_Token) extending Model_Rauth_Token. In our case, Model_User_Token is presented by default, we only need Model_Admin_Token like that (notice that field properties are modified to correspond our database schema)
class Model_Admin_Token extends Model_Rauth_Token
{
public static function initialize(Jelly_Meta $meta)
{
$meta->fields(array(
'user' => new Field_BelongsTo(array(
'foreign' => 'admin',
'column' => 'user_id',
)),
));
parent::initialize($meta);
}
}Rauth::instance('some-profile-name') returns corresponding auth instance. For our example, we can use Rauth::instance('user') and Rauth::instance('admin') to work with corresponding authentication profiles.
Please provide feedback to make Jelly-rAuth better. Thank you!