Auth package
The Auth package provides a standardized interface for authentication in Fuel. This allows our users to write their own drivers and easily integrate a new driver to work with old code by keeping the basic methods consistent.
Introduction
Creating an Auth package that will suit everyone or every implementation is impossible. As a framework we don't want to force how you do Auth, but we do want to facilitate you creating your own or using the work of others. This is where the Auth package comes in, which of course includes a simple implementation to get you going.
The interface contains 3 types of drivers (which can be extended to more types): login, groups & ACL.
The login drivers handle a user login and can handle multiple login drivers at the same time. For example
one could make it possible for users to login through Twitter and their own native users at the same time
using 2 login drivers.
As a next step you could group those 2 types of logins using a group driver that doesn't care about the
type of login you're using. And last but not least you can use an Acl driver to give specific rights to
those groups.
The above is just an example of how you might use it, not how you have to use it. Read on in the next section to understand which methods are part of the generic interface and which will be driver specific: Basic usage and Writing drivers.
Installation
The Auth package is included in the Fuel download. All you need to do is enable it in your config.
'packages' => array(
'auth',
),Configuration
Auth can be configured in a config/auth.php file and takes the following keys:
| Param | Type | Default | Description |
|---|---|---|---|
| driver | string|array | |
Login drivers to load, the first will also be the default returned by Auth::instance(). |
| verify_multiple_logins | bool | |
Whether checking for login continues after one driver has validated a login successfully, this makes it possible to login in multiple ways at the same time. |
| salt | string | |
The salt used for password hashing. |
Note that 'verify_multiple_logins' is a driver level setting. It has no meaning for login drivers, it does not mean "allow a user to be logged-in multiple times"!
Your auth config file should look like this:
<?php
return array(
// The drivers
'driver' => array('SimpleAuth'),
// Set to true to allow multiple logins
'verify_multiple_logins' => true,
// Use your own salt for security reasons
'salt' => 'Th1s=mY0Wn_$@|+',
);
/* End of file auth.php */