Authentication module

This module is responsible for handling user signin/login, user password reset, user signup/registration and etc...

User signin/login

You can get to the user signin/login page of Appskull by accessing http://[base_url]/auth URL on a any web browser. After a user successfully signed in, that user will be redirected to the default signin redirect route. This default route can be configured in it's configuration file. You can get more information about this from the bellow of this page.

http://[base_url]/auth

Default signin view

If someone access a protected area of Appskull, it will automatically be redirect that user to the Appskull user signin/login page with a information type alert that saying that person must be signedin in order to access that area. After that user successfully signedin, user will be redirected to the URL that he/she was trying to access instead of default signin route. This is a good usability option that enhance the user experience.

http://[base_url]/auth?next=http://[base_url]/users

Signin view with the information alert

User password reset

In case that some user forgot his/her password, he/she will be able to reset it using password reset option in the authentication module. This feature can be accessed in three different ways.

  1. By accessing via direct password reset URL.

    http://[base_url]/auth/reset

  2. By accessing via link on the user signin/login page.

    Password on the user signin page
  3. By accessing via link on the change password account user settings.

    Password link on the user settings view

Either way when you access password reset option, it should show a page like in the bellow image.

Default password reset view

Users can type their email or username and request a password reset email that contain a 6 digit long number. That number will only be valid for predefined period of time and that time can be configured in the system.

After entering that number, users will be able to set their new passwords.

Create new password view

There are few user password reset related configurations available. You can configure them in the authentication module configuration file or on the Appskull system settings page. You can get more information about these configurations on the bellow of this page.

User signup/registration

User signup/registration option is only available if that option is enabled in the authentication module configuration file or on the Appskull system settings page. If that option is enabled, then users will be able to access that option via http://[base_url]/auth/signup URL.

User signup view

There are few user signup/registration related configurations available. You can configure them in the authentication module configuration file or on the Appskull system settings page. You can get more information about these configurations on the bellow of this page.

Authentication module default configurations

There are few authentication module configuration options available. Those options are already set to some default values but can be change them in the configuration file that located in [app_root]/app/config/modules/auth/config.php. There is no need to describe each and every those options, because every configuration option is well commented with all the information that you need. So be sure to check those helpful comments in the configuration file.

Authentication module configuration overrides

You can override few authentication module configurations very easily on the Appskull authentication module system settings page. So you don't have to mess with default configuration values in the authentication module configuration file. Instead you can easily override them on the Appskull system settings page. But some of configuration options are only available to configure in the authentication module configuration file. for example, $config['auth_signinRedirectRoute'].

For developers

Appskull comes with a custom library called User. It has few methods that can be used to do things that related to user authentication. for example, make a user signed in, signed out and etc...

This library can be found in [app_root]/app/libraries/common/User.php. It's a autoloaded library so you don't have to call it every time before you use it. It's available globally throughout the Appskull application. In this chapter we are gonna talk about only few methods that related to user authentication. Other methods for example, user permission related methods will be discuss in the user permissions chapter.

  1. signin($userID)

    param $userID String/Integer.

    Make user authenticate/signin. Must provide user id.

                                    
                                        $this->user->signin($userID);
                                    
                                
  2. signout($sessionDestroy = false)

    param $sessionDestroy Boolean.

    Make user unauthenticate/signout. By default this method only remove specific session data (session value 'signin'). But if you want to remove current session completely, then pass value true as the first parameter.

                                    
                                        $this->user->signout();
                                    
                                
  3. isSignin()

    Check user authentication.

                                    
                                        if ($this->user->isSignin()) {
                                            // User is signed in.
                                        } else {
                                            // User is not signed in.
                                        }
                                    
                                

You can look into this User custom library and check those methods. By doing that you can get a really good idea about how they work.

Copyright © Nudasoft.