0

I have installed tank auth to save me time creating a authentication script.

As I am using HMVC, tank auth has it's own module (modules/auth).

How can I protect my other modules (/admin, /members etc) with the login script??

From what I have read I need to do something like:

modules::run('auth/is_logged_in');

My auth controller looks like:

<?php if (!defined('BASEPATH')) exit('No direct script access allowed');

class Auth extends MX_Controller
{
    function __construct()
    {
        parent::__construct();

        $this->load->helper(array('form', 'url'));
        $this->load->library('form_validation');
        //$this->load->library('security');
        $this->load->library('tank_auth');
        $this->lang->load('tank_auth');

    }

    function index()
    {
        if ($message = $this->session->flashdata('message')) {
            //$this->load->view('auth/auth/general_message', array('message' => $message));

            $main_content = 'auth/auth/general_message';
            $this->load->view('includes/template', array('message' => $message, 'main_content' =>$main_content));
        } else {
            redirect('auth/login/');
        }
    }

    /**
     * Login user on the site
     *
     * @return void
     */
    function login()
    {
        if ($this->tank_auth->is_logged_in()) {                                 // logged in
            redirect('admin');

        } elseif ($this->tank_auth->is_logged_in(FALSE)) {                      // logged in, not activated
            redirect('auth/send_again/');........

an the controller/module I want to protect with the login script:

<?php

if (!defined('BASEPATH'))
    exit('No direct script access allowed');

    class Admin extends MX_Controller {

        public function __construct(){
            parent::__construct();  



            modules::run('auth/auth/login'); 

        }

The above does not seem to work? What am I missing?

hairynuggets
  • 3,191
  • 22
  • 55
  • 90
  • I think you need to check the output of `elseif ($this->tank_auth->is_logged_in(FALSE))`. If this does not evaluate to true your user won't get redirected(even though the log in check also failed) and no action will be taken, leaving the user on the admin page. – Olaf Nov 25 '11 at 13:48
  • Thanks olaf, is there a way I can test if the module I am trying to run:: is finding it's target function?? – hairynuggets Nov 25 '11 at 14:04

1 Answers1

4

I put this code into my controllers:

function _remap($method)
{
    if (method_exists($this, $method) && $this->tank_auth->is_logged_in())
    {
        $this->$method();
    }
    else
    {
        redirect('/auth/login/');
    }
}
Fittipaldi
  • 56
  • 1