i am in the middle of a project that evolved in a direction that it require some sort of RBAC integrated with the authentication, but with advanced functionality (setting "caps" or "limits on users, based on their role/group). A SaaS site with paid and free plans like GitHub, Basecamp etc. can be a good example.
I already tested:
Ion Auth - http://github.com/benedmunds/CodeIgniter-Ion-Auth
Wolf Auth - http://github.com/Vheissu/Wolfauth---A-Codeigniter-Auth-Library
Perm Spark - http://getsparks.org/packages/perm/versions/HEAD/show
Codeigniter-RBAC - https://github.com/pdiddy/CodeIgniter-RBAC
and some other (one for all: Bonfire). Some of these have only authentication features, some lacks auth but provide RBAC. None of these makes use or mention about the possibility to have user limits.
I started developing a similar library myself (trying not to break Ion Auth function naming, because i am moving out from there), but, considering that i have only finished to plan the database schema and implement it in migrations, i think it is better to use something ready and tested (if it exists) instead of reinventing the wheel. Does anyone know a library to accomplish this particular tasks?
I am working with CI: 2.1.0 + HMVC, thinking to add DataMapper or RedBean for this particular purpose.
Cant think of anything else right now except cibonfire. cibonfire provides Auth and RBAC both. Have been using for more than 2 years now.
Related
I’m going to build an online photo editor - Single Page Application with Vue.js + Laravel (beginner in both frameworks).
How can I disable or limit some features if user account is free, and enable that if account is premium?
For example: if I want some tools like Color picker is only available to paid user, how can I do that securely?
( Vue is frontend so I’m afraid that if the logic stand totally in javascript, user with enough knowledge can modify it by dev tools to enable paid feature )
I suggest you take a look at Laratrust. It's a fantastic package for creating roles and permissions in Laravel.
Vue is indeed the frontend, but your application's logic is still performed in PHP, via Laravel. Your controllers will determine what a user's permissions are and return the appropriate data/error accordingly. There's a lot to describe here but there's tons of great resources that do it.
Rather than describing how Vue and Laravel work together, I'd point you towards Laracasts. You can learn A LOT there off just the free videos alone, well worth the money though.
https://laracasts.com/series/learn-vue-2-step-by-step/episodes/26
https://laracasts.com/series/learn-vue-2-step-by-step/episodes/27
This question has been bugging me for quite some time now, I want to create a cms, a School Mnagement System to be more specific, and what matters to me the most, is making this system plugin based, in a way that administrators can download and install plugins right through their admin panel, just like wordpress.
Now I've read about wordpress Hooks, Actions and Filters, and in all honesty i can say i'm just a little familiar with their functionality, but to apply same functionality to a Laravel App... , It's a bit hard to figure out, at least for me.
I've also searched about this question and found out that almost everyone is suggesting packages, But while packages can work great for other developers wanting to get use of the package's functionality, they can't be easily installed by a user not familiar with any programming language, And that's exactly what i want in my application.
Now what i have in my mind so far, as in Wordpress Actions and Filters, almost everything one would want to use in Wordpress theme files ( to make that piece of code flexible for adding plugin functionality ) should be called as functions, and calling that function by Wordpress do_action() is kind of a must-take path, which of course makes sense.
This way plugin developers can just call add_action() / add_filter() in their files and put their plugins into the flow of the application.
So...
Basically what I'm asking here is:
How to apply such functionality to a laravel app?
Is there an easier way than calling everything by a function like do_action()?
Should i write some kind of a file management module for downloading and updating plugins?
Again I must say that I am not very familiar with wordpress ways to achieve this kind of functionality, So I may be wrong about some of the description I mentioned above, But please, I appreciate any clarification around this subject if you can.
Thanks in advance for any insight.
*P.S. I've tried to be as clear as I possibly can about the problem, And I'm not looking for any specific method for the system I`m developing.
What i want is to know Common / Best methods ( If there is a best method ) for achieving such functionality, preferably in Laravel, but a general algorithm would still be very appreciated.
I know lots of people have the same question and are tackling with the same issue, so if you even only provide a link to a useful article it would be great.*
I have been working as a Wordpress Developer for a very long time and I also have sufficient experience in Laravel... and to be honest, making this kind of functionality is not that difficult at all.
How?
First of all, you must understand that the web app that you will be making will have all the functionalities, but they can only be enabled/disabled from the front-end (Admin Panel/Dashboard). In other words, your School Management System app is actually having all the features/functionalities pre-installed, but you are just allowing the users to enable/disable it. This is much simpler.
So, if for eg. you want to provide someone attendance management functionality, you will have to give the admin of the site, the access to enable/disable it.
Why?
Wordpress has a built-in UI for adding/updating plugins. But in Laravel, everything is code based and therefore this I believe is the simplest way to go (especially for making things in your app pluggable).
Steps
Make a site with UI etc...
Create a config and migration file which will have the names of all the plugins you are going to allow the user to enable/disable.
Make a sync command that will sync all the plugins in your app.
Use it render a page from the front-end and manage their status from the back-end (is_active etc etc...)
Now once, these plugins are active, make sure the user (say moderator, editor) has access to manage them, for which you will obviously have to create roles/permissions and use Laravel Policies for such stuff.
Lastly, only the admin will have the enabling/disabling writes and no one else.
For the other part where you want the people to perform their own functions with filters/actions. I'd say this is completely contradictory to the part where you say Installing Laravel Packages isn't easy. Well, if you would really want a developer a way into this, why not straight away ask them to make a package for your app alone? Hmmmm.... Think about it :)
But, even then, if you would like to create such a functionality, create a simple class which the user can call and user its functions to call their own functions... Something like -> SMSPlugin::do_action(). But then again, making things like updating/deleting the plugin will require you to build your own Plugin Store and ask users to upload to it. Then you'll have to make an API to constantly check for updates for all the installed plugins and blah blah.... It's a really long procedure... And I don't believe that feasible too!
Hope I answered everything. Let me know in the comments if you have any doubts :)
I know it was 2 years ago, but for now you can achieve this with laravel with some packages:
So i think the steps will be:
Create new Laravel App and add some packages for BASIC admin UI and things you will need like:
Authentication (https://laravel.com/docs/5.7/authentication)
Roles and Permissions (https://github.com/spatie/laravel-permission)
Users managment
Modules (https://nwidart.com/laravel-modules/v4/introduction)
At this point you must configure and write a UI for manage every thing from every package mentioned.
So i think this is the way or at least some try to do it in 2019 :D
Happy new year to all!
There's a package for this, it supports version 5, didn't test yet with 6:
https://github.com/oneso/laravel-plugins
This question already has answers here:
Closed 10 years ago.
Possible Duplicate:
How should I choose an authentication library for CodeIgniter?
What is the best library for User Registration / Authentication / Management for CodeIgniter 2.1.0?
Thanks!!
Tank Auth and IonAuth are both great for all of the above in my opinion. Each has their own pros and cons. Most notably for you will be the documentation. IonAuth is heavily documented, and well commented throughout. Tank Auth is lightly documented, and is very well commented throughout. I personally prefer IonAuth, and have used it in several projects. If you want some additional modifications to make it even easier to work with, then check out this article here.
In my opinion IonAuth for user registration and authentification and Zend_Acl for authorization (Access Control List).
Thats your choice dude, If you take an ORM approach neither IONAuth nor TANK will suffice.
Choose a database structure throughout your project's then decide, If that means a custom Auth lib, then so be it....
we are a parents initiative who runs a small kindergarden / child nursery and we set out to build a basic web based documentation and reporting application for our nursery.
After spending a week doing research on the various PHP MVC frameworks, I have a few questions that I could not answer myself - even after having a closer look (installed on local machine) at CakePHP, Symfony, CodeIgniter, YII and Joomla.
The goal is to build a web application where site managers, staff and parents (roles) can log in to do simple tasks, depending on their role (hence I need a RBAC). Site managers will for example be able to add staff to the database, staff will be able to add children and do some documenation on children (select a child and enter details on special needs etc.). Parents should be able to update information about who is picking up the child, or inform the staff if a child will not come in at a certain date.
Now, since this is all basic CRUD with only a few tables underneath, tables connected via some foreign key constraints, I would like the framework to generate CRUD skeletons for me.
And since I need to manage roles and limit access to certain pages, I would like a basic user management out of the box.
Plus, PHP and MySQL and MVC are set - otherwise I would have used Oracle Apex as I have some experience with that.
So, I looked at a vast amount of PHP frameworks and found the following to be promising:
CodeIgniter (with Bonfire plugin)
Symfony2
YII framework with GII
CakePHP
Joomla
BUT none of the frameworks I looked at seemed to fit my need:
creating CRUD skeleton pages based on my ERD with foreign keys (MySQL InnoDB) / Scaffolding
offering a basic user management out of the box with up to date security measures in place (passwords stored using phpass or salted hashes & md5, user registration, defining roles and limiting tasks to roles/users).
If somebody could suggest a PHP Framework that comes with those two requirements build in, I would be very happy to hear about it. THANK YOU very much in advance!!
(I really liked CodeIgniter because it was simple to set up and lightweight, I liked the Bonfire user management plugin but was disappointed when I found out they sacked scaffolding in the lasted release
And I liked Joomla for its user management, but found it quite hard to get started on component development, plus no scaffolding).
You should check FuelPHP and its ORM, Oil and Auth packages. It's really great. If you liked CodeIgniter, you'll probably love Fuel.
http://www.fuelphp.com
I'm starting a new project with codeigniter, and I'd like to start on a system that's already built so I can reduce the time of development.
Is there a good system that handles user authentication along with an admin interface to manage users that can be easily expanded to a web-app?
If this is too vague, I can expand
This thread here appears to have some answers
But the question was more about libraries. Either way, implementing some of the things on that thread would save you time.
You're looking for is a Content Management System (CMS).
There are a few ones out there that use Codeigniter as a framework for their CMS.
Edit: Even if you can't find a boilerplate CMS that you like, you can google about CMS's to design a simple one of your own as there's LOTS of tutorials and information about requirements and such when you know the term CMS.
I recommend Redux Auth for CodeIgniter. It comes with an example implementation, and can easily be used to manage user authentication for your CodeIgniter site. I just implemented Beta2 with the latest version of CodeIgniter, so while it's not actively updated, it still works with the latest build.
I'm using Bonfire as default admin interface.
I've just started looking into Bonfire:
Bonfire helps you build CodeIgniter-based PHP web applications even faster, by providing powerful tools and a beautiful interface you won't be ashamed to show your client.
Ready to customize Admin Interface.
User Management with Role-Based Access Control.
Fully Modular codebase.
Built around HMVC.
Database backup, migration, and maintenance.
Powerful, parent/child capable theme engine.
Simple Email Queue to keep your ISP happy.
UI-based module builder.
Looks good at first glance!