User Authentication

[code2be]

Hello,

Why not having a User Authentication library which handles the process of Registering, Logging in, Resetting Password of Users ?

I know there are many libraries for Codeigniter which does the same functions and more like ionAuth. But, Being a native function bundled with the framework is better as far as I think.

What do You think ?

[narfbg]

There are many, many ways to implement these functionalities and they all have varying range of properties. If CodeIgniter provides such a library, it would be one of:

• A largely complex pile of code that tries to satisfy everybody's needs but can never achieve that goal.
• A relatively simple library with very specific requirements that's only useful to 5% of everybody who needs user auth & management in CI.

Both would be doomed to fail.

[obozdag]

@narfbg With this attitude you are the main obstacle in front of CI's evolution. Authentication, ORM these are not complex pile of code and not useful to 5% of everybody. Perhaps a bit difficult for you to manage.

[sarciszewski]

The topics this would need to address include:

• Password encryption
• Password expiration
• Password policy enforcement
• Providing a access control enforcement API
• Group-Based Access Controls
• User-Based Access Controls
• Support LDAP hooking for authentication (another dependency, on Debian-based systems!)
• Rate-limit the login attempts
• Captcha integration

On the developers' side, it would further require setting up the schema a certain way to support CodeIgniter's strategy.

Would this be useful? Yes.

Should it be part of the core? No.

If anyone wants to start a project that can easily be incorporated to CodeIgniter (i.e. an open source library/helper), I would commend your efforts. However, not everyone has the same requirements.