The Redux Authentication System

Redux Authentication is a great CodeIgniter Auth library. It’s light, easy to use and fully featured. It’s a great choice for your new or existing project due to the power it gives to the developer.

Redux Authentication

Update :

Encryption System
Since having a discussion with a member of the CodeIgniter community (Sikkle) I decided to opt out of having the ability to choose different encryption levels. The default installation will hash the password with a file and database salt.

The idea behind this is that if a hacker gets hold of your database, their attempts at trying to bruteforce your encypted passwords will fail because the password is also hashed with another file based string.

The database salt is also dynamically generated on user registration making it virtually uncrackable (I have to say virtually, because there’s always the chance however low it may be)

I was also originally worried it might add more queries, but I’ve worked out that was not the case so seeing how everyone is paranoid about security I’ve made the most secure method the default one.

So that’s the encyption system renovated.

I’ll now work on the other features.

Ps : Thanks to Sikkle various help. I noticed lots of hits to the website. I’d love to hear your feedback

Thanks for the work done
I think an ACL should be provided within Code Igniter, but… this alternative solution is welcome.

Great work Popcorn,

i’ll keep looking at the progress, i think this is another realy good addition, also i have to tell the comment in the file are just great.

peavyfr : it’s realy hard to implement ONE standard solution, auth and ACL could be handle in so many way, file, database, sub-level, multiple-controller, per method etc. etc.

This little auth-acl is a great addition by the way it’s builded and trying to provide “simple” solution.

So i’ll say keep working on that one, keep us posted.

good luck !

Thanks for the comments.

Update :

I’ve finished the auto generation of the additional columns. You shouldn’t have to mess with the database now and can add fields on the fly by just adding a new line in the configuration file.

Great auth lib!

Some small bugs have occured in check_group, and probably the other checkers as well.
Now

Should be (i believe)

Thank you!

Thanks.

I just fixed that and updated the auth_lib on the site.

Glad you like it

I still get the old files from your site even though the zip have been updated.

Anyway, this check_group thing. Wouldn’t it be better if it returned the group number so you can check it right away without any trouble?

Why are you putting so much effort into being able to get back a password from the encrypted value? Why not just do a one way encrypt and compare against that. This is most secure.

Is this PHP 5 only?
ThanX

coldKingdom :
Well, I thought it would be more usable to do : if($this->auth->check_group($email) === ‘admin’) rather than use a integer.

louis w :
It is 1 way encryption with 2 different salts. Sorry if I didn’t make this clear before.

PedroGrilo :
It uses __construct which isn’t available in PHP4.