**[rights control] Use CI hooks to realize authorization authentication

Http://codeigniter.org.cn/forums/thread-10877-1-1.html

Has not found the CI Authority authentication extension, previously seemed to have found a foreigner's extension, but not very good, now remember, and then imitate the way JSP firter with CI hook write a bit, feel can, do a small website, small application enough, no need to make too complicated. See a lot of people on the Internet to ask, here to share our methods, if you have a better implementation, please also remember to share to us. ^_^

usually our back-end path looks like this:

http://www.php-chongqing.com/index.php/manage/

Http://www.php-chongqing.com/index.php/manage/article/add

HTTP://WWW.PHP-CHONGQING.COM/INDEX.PHP/MANAGE/PRODUCT/DELETE/1

Http://www.php-chongqing.com/index.php/manage/user

because CI is MVC, a single entry, and gives us 7 hook points, everything is very simple, we just need to intercept the request before the CI executes the target controller method, check whether the URI starts with manage, and if the URI starts with manage, checks the user right. Jump to the landing page or the relevant Tip page without permission.

1, first to config/config.php set allows the use of hooks

$config [' Enable_hooks '] = TRUE;

2, then to config/hooks.php to configure the rights of authentication hooks

$hook [' Post_controller_constructor '] = array( ' class ' = ' manageauth', ' function ' = ' auth ', ' filename ' =' manageauth.php', ' filepath ' = ' hooks ' );

It is important to note that you must use the ' post_controller_constructor ' hook point, as we may want to use the CI AIP in Manageauth, connect the database, and so on.

3, create the manageauth.php file, put in the hooks directory, manageauth.php code as follows:

/** Background rights intercept hooks * @link http://www.php-chongqing.com * @author Bing.peng **/
classManageauth {
Private $CI;
 Public function__construct ()
{
$this->ci = &get_instance ();
}
//Authority authentication 
  Public functionAuth ()
{
      $this->ci->load->helper (' url ');
 　　　  if(Preg_match("/manage.*/i", Uri_string ())) {
 　　　　　　  //URLs that require permission checks
$this->ci->load->library (' Session ');
if (! $this->ci->session->userdata (' username ')) {
User not logged in
Redirect (' login ');
Return
}
}
}

}

OK, that's it, we're done, we pass regular expression matching, all the URLs that begin with manage are required to be accessed after landing.

the authentication of the authorization in the example is very simple, just check whether the next session is username, if there is think that the user has landed, can access resources, or jump to the landing page. Note that the landing URL must not be able to start with manage, otherwise it will reset to a dead loop.

If you need more complex authorization authentication directly write your own authentication method is OK, such as you use users, roles, resources and so on.

This implementation can basically be regarded as AOP (aspect-oriented programming), in fact, PHP has already had the embryonic form of AOP, another day with the native PHP method to intercept, to achieve the authority authentication. ^_^

**[rights control] Use CI hooks to realize authorization authentication