lonnieezell / myth-auth
One-stop Auth package for CodeIgniter 4
License: MIT License
myth-auth/src/Config/Services.php
Line 7 in 9b930b9
Should be use Myth\Auth\Authorization\GroupModel;
Hello Guys!
I will take the weekend to try CI4 and the main thing I needed was a reliable auth library.
Thank god I found this... I am already a Lonnie's HUGE fan (just got my patron status).
What I want to ask/propose is a CORE version of this auth library. A version with only the login, create user, check credentials, etc...
Is it possible? What do you think about this idea?
Thank you!
When installing with spark several files are copied to App namespace and a conversion is made dealing with their namespaces.
However, when App view-files are loaded, several path errors appear as namespaces get converted to Auth\Views\etc... instead of \App\Views\Auth\etc...
<?= view('\App\Views\Auth\_header') ?>
This happens in all of the Auth View files, but _footer, _message_block and _navbar
Scenario:
App\Config\Filters
before($request) method avoids checking for logged in user when route is login, forgot or reset-password
So far, everything works as expected. But, when I click on the reset form link (http://whatever.com/reset-password?token=e6290a3d8d156339963092e08228f039) I keep being redirected to login form.
Routes work as expected too. If, for instance, I write the URL like http://whatever.com/reset-password I get the reset-password form OK.
If I write the URL like http://whatever.com/reset-password? works fine too.
And so on...
...until I write http://whatever.com/reset-password?token=
Then, it redirects to login form. Whatever I write after the = sign makes no difference
Now, if I log-in, I am redirected to the reset-password form and the token input field gets populated just fine.
Tried d($request) first thing inside the before() method of LoginFilter and URL is fine.
But when I d($request) after the current_url() check and before the return, d($request) shows /login as the URL
Also, if I get rid of the global login filter, everything works as expected.
Any ideas?
Only by commenting out routes in \Myth\Auth\Config\Routes can App\Config\Routes be taken into consideration
Just adding a second 'where' condition will do:
$user = $users->where('email', $this->request->getPost('email'))->where('reset_hash', $this->request->getPost('token'))->first();
On the other hand, what's the logic you thought for "reset-time" field in DB?
I guess it'd mean that you could put a certain amount of minutes of token validity that could be checked just after the $user = $user->where()...->first() above. Am I right?
Hi,
I get permission error
I try do this
class Test extends Controller {
    use \Myth\Auth\AuthTrait;

    public function __construct() {
    }

    public function index() {
        $this->restrictWithPermissions('price', '/');
    }
}
And I get this error:
Argument 3 passed to Myth\Auth\Config\Services::authorization() must be an instance of CodeIgniter\Model or null, boolean given, called in /Applications/XAMPP/xamppfiles/htdocs/TrackTrace/web.track-trace/system/Config/BaseService.php on line 114
composer.json includes the library path as well as mapping '\Config' to this library's support\Config (https://github.com/lonnieezell/myth-auth/blob/develop/composer.json#L31), which overwrites the namespace for app/Config causing issues with older versions of the config files, for example:
Undefined property: Config\Toolbar::$maxQueries
Is the intent for this library to be added via Composer to existing CodeIgniter projects? And if so, what purpose is autoloading support/Config service?
Referring to docs authorization.md, please add some example interface, like how to use it
Don't know if I'm bothering you with these errors, but I'm trying to use it in a project with CI4 and whenever I find what I think is an error I try to report it to you.
If you don't like/want me doing this, please let me know and I'll stop.
Thanks for all your code & work!
I believe this package is stable enough to merit a release (at least a pre-release) that could then be published to Packagist.org to support Composer installs.
It looks like $routes->discoverLocal never made it into beta. I see it in codeigniter4/CodeIgniter4@9a1ffb5 but maybe plans were dropped to include it? Is this still a valid step for configuration, or is it superseded by namespaced route discovery?
myth-auth/src/Config/Services.php
Line 8 in 9b930b9
Should be use Myth\Auth\Authorization\PermissionModel;
They still follow the CI3 pattern where it would spit out the headers immediately, instead of returning the result. They need to be updated to return redirect().
@lonnieezell I have been trying to update users password but no success. I try to scan through the folk tales of this script. I saw you are using password_hash with base64_encode together so I try using password_verify but no way. Please can you show me how to do this in order to pass through it. I am trying to verify the current password before changing it.
Lonnie,
You may want to consider using https://github.com/socialite-manager/socialite instead of hybridauth. It's based off the Laravel component of the same name, and seems to be pretty robust.
Btw, just curious, how does myth-auth compare against php-auth or others?
Core Providers
twitter
github
google
facebook
bitbucket
linkedin
Other Providers
Instagram
Line
VKontakte
Weixin
QQ
Weibo
Twitch
Slack
Discord
Dropbox
Yahoo
Spotify
GitLab
Yandex
Add more...
ErrorException
Object of class CodeIgniter\Email\Email could not be converted to string
APPPATH/Controllers\AuthController.php at line 212
205 ->setSubject(lang('Auth.forgotSubject'))
206 ->setMessage(view($this->config->views['emailForgot'], ['hash' => $user->reset_hash]))
207 ->setMailType('html')
208 ->send();
209
210 if (! $sent)
211 {
212 log_message('error', "Failed to send forgotten password email to: {$email}");
213 return redirect()->back()->withInput()->with('error', lang('Auth.unknownError'));
214 }
215
216 return redirect()->route('reset-password')->with('message', lang('Auth.forgotEmailSent'));
217 }
218
219 /**
Using current CodeIgniter version:
https://github.com/codeigniter4/CodeIgniter4
cloned myth-auth to app/ThirdParty/auth
added to Autoload.php $psr4:
'Myth\\Auth' => APPPATH . 'ThirdParty\\auth\\src', // Auth system
added to Validations.php
\Myth\Auth\Authentication\Passwords\ValidationRules::class,
and migrated
php spark migrate:latest -all
when I try localhost:8080/login
I have not checked if it is an issue with this system or with CI4
a workaround that worked for me:
CI4\system\Autoloader\FileLocator.php
commented line 135:
//$filename = $folder . '/' . $filename;
Errors that happen in FlatAuthorization are not being set into session('errors')
Hi,
I don't see how I can get validation errors. When eg my group edit was failed I try to get an error from FlatAuthorization::error() but I get nothing. Validation errors we should get from $this->groupModel->errors() but we don't have access for that.
I am talking about this part (and more)
if (! $this->groupModel->update($id, $data))
{
    $this->error = $this->groupModel->error();
    return false;
}
Set these vars to null in case a reset password was asked.
Scenario:
user (one with short memory) requests a reset-token and then does nothing => asks the administrator to reset his password.
User would have a new password but still anyone with the reset-token would be able to change the password.
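The two reset-token reports above (matching `email` and `reset_hash` on the same row with a validity window, and clearing the token whenever the password changes) fit together as one flow. The sketch below is an added example, not myth-auth code: it uses a constructed in-memory array in place of the users table, and the function names, `RESET_TTL_SECONDS` and the reading of `reset_time` as the token's issue time are assumptions.

```php
<?php
declare(strict_types=1);

const RESET_TTL_SECONDS = 3600; // assumed validity window: one hour

// Issue a token and remember when it was issued (assumed meaning of reset_time).
function issueResetToken(array &$user, int $now): string
{
    $user['reset_hash'] = bin2hex(random_bytes(16));
    $user['reset_time'] = $now;
    return $user['reset_hash'];
}

// Every password change, including one made by an administrator, goes through
// here, so an outstanding token is invalidated together with the old password.
function setPassword(array &$user, string $newPassword): void
{
    $user['password_hash'] = password_hash($newPassword, PASSWORD_DEFAULT);
    $user['reset_hash']    = null;
    $user['reset_time']    = null;
}

// Accept a reset only if email AND token belong to the same row and the token is fresh.
function resetPassword(array &$users, string $email, string $token, string $newPassword, int $now): bool
{
    foreach ($users as &$user) {
        if ($user['email'] !== $email) {
            continue;
        }
        $stored = $user['reset_hash'];
        if (! is_string($stored) || ! hash_equals($stored, $token)) {
            return false; // no outstanding token, or wrong token for this email
        }
        if ($now - $user['reset_time'] > RESET_TTL_SECONDS) {
            $user['reset_hash'] = $user['reset_time'] = null; // expired: discard it
            return false;
        }
        setPassword($user, $newPassword);
        return true;
    }
    return false; // unknown email
}

// Constructed sample rows standing in for the users table.
$users = [
    ['email' => 'alice@example.test', 'password_hash' => '', 'reset_hash' => null, 'reset_time' => null],
    ['email' => 'bob@example.test',   'password_hash' => '', 'reset_hash' => null, 'reset_time' => null],
];
$t0 = 1700000000;

$token = issueResetToken($users[0], $t0);
var_dump(resetPassword($users, 'bob@example.test', $token, 'new-pass-1', $t0 + 60));   // token used with another account's email
setPassword($users[0], 'set-by-admin');                                                // administrator changes the password
var_dump(resetPassword($users, 'alice@example.test', $token, 'new-pass-2', $t0 + 60)); // old token replayed after the admin reset
$token = issueResetToken($users[0], $t0);
var_dump(resetPassword($users, 'alice@example.test', $token, 'new-pass-3', $t0 + 60)); // matching email, fresh token
```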
Codeigniter Version 4.0.0-rc.2.1
Myth\Auth Version dev-develop
ErrorException
Undefined variable: errors
SYSTEMPATH/Validation\Validation.php at line 651
        // If we already have errors, we'll use those.
        // If we don't, check the session to see if any were
        // passed along from a redirect_with_input request.
        if (empty($this->errors) && ! is_cli())
        {
            if (isset($_SESSION) && session('_ci_validation_errors'))
            {
                $this->errors = unserialize($errors);
            }
        }

        return $this->errors ?? [];
    }

    //--------------------------------------------------------------------
APPPATH/Controllers\AuthController.php : 156 — CodeIgniter\Model->errors ()
            'email' => 'required|valid_email|is_unique[users.email]',
            'password' => 'required|strong_password',
            'pass_confirm' => 'required|matches[password]',
        ]);

        if (! $this->validate($rules))
        {
            return redirect()->back()->withInput()->with('errors', $users->errors());
        }

        // Save the user
        $user = new User($this->request->getPost());

        if (! $users->save($user))
        {
Redirect is doing nothing here. No companies either.
Don't know exactly why, but changing redirect to header works fine.
I know it's not a solution, but it helps to continue with the rest in the meantime.
if (empty($uri))
{
+ header("Location: ".route_to('login'));
+ die();
redirect( route_to('login') );
}
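Review bot: in the `if (empty($uri))` branch, the unchanged `redirect( route_to('login') );` line becomes unreachable once `die();` is added above it, so the hunk should either delete that line or, better, drop the two `+` lines and hand the result of the redirect call back to the caller instead of discarding it. Calling `header()` and `die()` here also ends the request inside this branch, so no code that would normally run after it gets a chance to execute.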
However, header will not take into account the redirect_uri passed as a GET parameter
Now that we (sort of) have Email working again in CI4, I tried using the forgot password feature.
All works fine until I click on the email link sent to the user.
Login filter tests the current_url() to see if it's a login page, but doesn't take into account the reset-password url. Therefore, it keeps on redirecting to login. Once logged in, it obviously redirects to reset-password form so you can enter the sent token. No point in this as you might definitely don't know your password.
Easy enough, adding a third 'OR' to the if will make it work fine.
if ( (current_url() == site_url(route_to('login'))) || (current_url() == site_url(route_to('forgot')))
|| (current_url() == site_url(route_to('reset-password')))
) { return; }
It only gets group permissions, but a user may have a permission set independently from the group/s he's in.
Filters can take parameters?? Anywhere this is documented? I dug through the CI4 Router code but there’s a lot of different pieces there...
Revisiting #30, the auth filters don't seem to be working. Tracking it down, it looks like $params is empty no matter what is passed. If I'm understanding system/Filters/Filters.php correctly, it looks like only the request object is passed in and no additional parameters:
https://github.com/codeigniter4/CodeIgniter4/blob/develop/system/Filters/Filters.php#L150
Is this something still coming down the pipe? or incorrectly missing? or am I misunderstanding?
Can not install the myth auth with composer please can you make it compatible.
composer require myth/auth
[InvalidArgumentException]
Could not find a version of package myth/auth matching your minimum-stability (stable). Require it with an explicit version constraint allowing its desired stability.
require [--dev] [--prefer-source] [--prefer-dist] [--no-progress] [--no-suggest] [--no-update] [--no-scripts] [--update-no-dev] [--update-with-dependencies] [--update-with-all-dependencies] [--ignore-platform-reqs] [--prefer-stable] [--prefer-lowest] [--sort-packages] [-o|--optimize-autoloader] [-a|--classmap-authoritative] [--apcu-autoloader] [--] [<packages>]...
Please check this issue
Authentication fails with an exception when a user that doesn't exist tries to log in with a username instead of email.
This is because when it tries to log the failed attempt, it forcefully uses $credentials['email'] only
DictionaryValidator uses the following to check for personal information in the password
if ($user !== null)
{
$names = [
strtolower($user->name),
strtolower(str_replace(' ', '', $user->name)),
strtolower(str_replace(' ', '.', $user->name)),
strtolower(str_replace(' ', '-', $user->name)),
];
The problem is that, as far as I can determine, the Entity used in myth/auth does not have a name property. Should they all be $user->username?
I have been thinking of offering a PR on this functionality anyway and, if $user->name needs fixing I can fix it there.
Hi,
I try to add permissions to the user and I found an error because method addPermissionToUser working with User entity and add permission as a column of user table. Checking user permissions (method doesUserHavePermission) working with auth_users_permissions table so here we have some differences.
Even if I want to add permission to User entity then I get another error as below:
TypeError
Argument 1 passed to Myth\Auth\Entities\User::setPermissions() must be of the type array or null, string given
I pass an array of permission but here Entities/User.php:175 should be (or use Entity JSON casting)
$this->attributes['permissions'] = json_encode($permissions);
not
$this->permissions = json_encode($permissions);
because array converted into json is again converted to json but now it isn't array but string.
After installation appears this error:
Error shows at any routes URLs (register, login, forgot)
Undefined property: Config\App::$CSRFHeaderName
SYSTEMPATH/Security\Security.php at line 183
php spark auth:publish
Publish Views? [y, n]: y
An uncaught Exception was encountered
Type: ErrorException
Message: mkdir(): No such file or directory
Filename: C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Commands\Publish.php
Line Number: 273
Backtrace:
-273 - C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Commands\Publish.php::mkdir
-182 - C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Commands\Publish.php::writeFile
-162 - C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Commands\Publish.php::publishView
-97 - C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Commands\Publish.php::publishViews
-136 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CLI\CommandRunner.php::run
-109 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CLI\CommandRunner.php::runCommand
-85 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CLI\CommandRunner.php::index
-840 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CodeIgniter.php::_remap
-335 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CodeIgniter.php::runController
-245 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CodeIgniter.php::handleRequest
-85 - C:\xampp\htdocs\codeigniter4-admin\vendor\codeigniter4\framework\system\CLI\Console.php::run
-57 - C:\xampp\htdocs\codeigniter4-admin\spark::run
In the last commit, you changed the line (along with namespacing issues)
return $this->select('auth_groups_users.*, auth_groups.name, auth_groups.description')
to
return $this->builder()->select('auth_groups_users.*, auth_groups.name, auth_groups.description')
Now it complains about not finding toArray() method.
I took ->builder() out from the statement and it started working again.
Hi,
I try use this Auth package with cPanel and I noticed when I refresh 4-7 fast page CPU up to 100% in cPanel
And this happening when I try setup Auth Classes
Example:
public function __construct() {
$this->setupAuthClasses();
}
And I am thinking in this place
session('logged_in')
When trying to restrict a method or controller with
$this->restrictWithPermissions('informes.en_sector.create', site_url('dashboard') )
it always redirects as if no permission existed or user is not allowed
@lonnieezell , I know you now focused to CI4 RC but please, change migration commands to newer version. People and me also want to test package out.
New Migration commands running without error but not creating table(s)
php spark migrate:latest -all
And as I understood we don't need do anything about set discoverLocal to true. Because it is enabled by default?
It’s a problem after the publish command
TypeError
Argument 1 passed to Myth\Auth\Authentication\Passwords\PasswordValidator::__construct() must be an instance of Myth\Auth\Config\Auth, instance of App\Config\Auth given, called in C:\xampp\htdocs\codeigniter4-admin\vendor\myth\auth\src\Config\Services.php on line 90
Maybe better with an example:
$user= 'dog';
$role= 'doberman';
Routes set:
$routes->get('changepass', 'Admin::changePassword', ['filter' => 'role:doberman,german_sheppard', 'as' => 'change-password']);
Then, analyzing step by step:
$result = true;
// Check each requested permission
foreach (['doberman','german_sheppard'] as $group)
{
    $result = $result && $authorize->inGroup($group, $authenticate->id());
}
$result would be true on first iteration, but would become false on second.
Therefore, final result is FALSE, though $user belongs to role "doberman".
Proposed solution:
$result = false;
// Check each requested permission
foreach ($params as $group)
{
    if (!$result)
    {
        $result = $authorize->inGroup($group, $authenticate->id());
    }
}
I added the missing id() function to AuthenticationBase.
I'll look into "pulling requests" shortly so I can propose changes there
/**
 * Returns the User ID for the current logged in user.
 *
 * @return int|null
 */
public function id()
{
    return $this->user->id;
}
Hi,
I am trying to log a user via username + password and if these credentials are wrong I get a error as below:
ErrorException
Undefined index: email
vendor/myth/auth/src/Authentication/LocalAuthenticator.php at line 25
$this->recordLoginAttempt($credentials['email'], $ipAddress, $this->user->id ?? null, false);
I allow to credential via (Config/Auth.php)
public $validFields = [
'email', 'username'
];
#68 introduced alternate hashing algorithms, but the constant PASSWORD_ARGON2ID is only available if PHP has been compiled with Argon2 support, not a current requirement for Myth:Auth or CodeIgniter4. This causes syntax errors when trying to load the config file or using the User entity or LocalAuthenticator.
Either backing out the changes for Argon2 or adding some conditional constant definition?
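The Argon2 report above and the earlier question about verifying the current password before changing it touch the same code path. The sketch below is an added example, not myth-auth's own code, and shows a conditional algorithm choice next to a verify-then-change routine. The function names and the SHA-384 step inside `preparePassword()` are assumptions; the page only states that `password_hash` is combined with `base64_encode`.

```php
<?php
declare(strict_types=1);

// Use Argon2id only when this PHP build defines the constant. The ternary never
// evaluates PASSWORD_ARGON2ID on builds compiled without Argon2 support.
function preferredAlgorithm()
{
    return defined('PASSWORD_ARGON2ID') ? PASSWORD_ARGON2ID : PASSWORD_DEFAULT;
}

// Assumed pre-hash step: whatever transform is applied before password_hash()
// must be applied identically before password_verify().
function preparePassword(string $password): string
{
    return base64_encode(hash('sha384', $password, true));
}

function hashPassword(string $password): string
{
    return password_hash(preparePassword($password), preferredAlgorithm());
}

function verifyPassword(string $password, string $storedHash): bool
{
    return password_verify(preparePassword($password), $storedHash);
}

// Change the password only after the current one has been verified.
function changePassword(array &$user, string $current, string $new): bool
{
    if (! verifyPassword($current, $user['password_hash'])) {
        return false;
    }
    $user['password_hash'] = hashPassword($new);
    return true;
}

// Constructed sample user.
$user = ['password_hash' => hashPassword('constructed-Old-pass-1')];

// Verifying the raw password skips the pre-hash step and does not match.
var_dump(password_verify('constructed-Old-pass-1', $user['password_hash']));

// Same password through the matching transform, then the change itself.
var_dump(verifyPassword('constructed-Old-pass-1', $user['password_hash']));
var_dump(changePassword($user, 'wrong-current-pass', 'constructed-New-pass-2'));
var_dump(changePassword($user, 'constructed-Old-pass-1', 'constructed-New-pass-2'));
var_dump(verifyPassword('constructed-New-pass-2', $user['password_hash']));
```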
There is spanish text hardcoded in the register view.