0

I am new to programming and I am making a login/pass authentication system for a project in Code Igniter. I can simply secure pages by setting session and then giving access based on whether the session is set or not ... Before I jump into it ... I see many auth libraries around .. like tank auth, ion auth and so on.

My question is, why would anyone use Auth libraries? If my app is simple which means there will be just one kind of user with same permissions, do I still need Auth lib like Ion Auth?

Jamil Khan
  • 134
  • 3
  • 12
  • 1
    If you're comfortable writing your own auth and have the time to do it, then by all means - go for it. If not, then it makes sense to use (and possibly customize) an existing solution. – Wesley Murch Jan 29 '13 at 16:54
  • I personally suggest using bitauth library – He Hui Jan 30 '13 at 06:49

1 Answers1

2

Existing Auth libraries usually are tested by users and their bugs and security flaws are, often corrected and the code is mantained.

An own implementation of it, disregarding its simplicity, is allways a test on what you know and what you can do about handling security.

There are good CI Auth libraries, but if you're going towards your own be sure to make it as safe as possible, assuming every user input is malicious... and also, go on and take a look at this article

João Dias
  • 1,078
  • 1
  • 15
  • 38