does ion auth library in codeigniter allow registration? - codeigniter-2

does ion auth library in codeigniter allow registration ?

Yes, that's what the register() method is for.

Related

Laravel Jetstream - default fortify or sanctum?

I've got a fair amount of experience with laravel but I'm new to jetstream - just having a look into it at the moment and I'm confused regarding authentication methods.
I understand there are two main options:
Fortify - basic front end agnostic authentication system.
Sanctum - Used for SPA's and generating tokens for Api's.
The documentation for jetstream suggests jetstream defaults to using Fortify as its authentication backend. However the default 'web' routes are set up as below:
Route::middleware([
'auth:sanctum',
config('jetstream.auth_session'),
'verified'
])->group(function () {
Route::get('/dashboard', function () {
return view('dashboard');
})->name('dashboard');
});
Why is 'sanctum' being passed as a parameter to the authentication middleware? Is jetstream actually using sanctum as its default now? From what I can tell Jetstreams registration / authentication pages work just as well if the sanctum parameter isnt passed.
I'm likley getting confused about the differences between fortify & sanctum or how its being implemented in Jetstream.
Any help would be greatly appreciated.
Thanks
Sanctum is just a headless auth system. It provides session cookie- and api token authentication. Jetstream uses it alongside fortify which will register all the routes, controllers, etc.. containing the logic for login, registration, password resets...

Laravel 5.4 use JWTauth along with normal authentication

Me and my friend are creating an application. I'm using Laravel 5.4 as the backend and he uses Angular2 as frontend.
The Laravel project serves as a rest API with JWTauth token authentication.
Now I would like to make a small backend dashboard in the Laravel project that is only accessible by admins.
How would I go about using different authentication (with session) instead of tokens when I just browse to the api backend part?
This is pretty straightforward. Just apply the JWT auth middleware to the API routes and the normal auth middleware to your admin dashboard. You don't even need to tweak anything since JWT doesn't need changes to your table structure or need for changing the existing auth.
Build the backend dashboard using the built int auth scaffolding using the auth and guest middleware. For the api routes use the standard api middleware along with the jwt.auth middleware if you're using the tymondesigns/jwt-auth package. There will be no conflict with these two.
Bro use separate guard like
$loginUser = Auth::guard('web')->loginUsingId(12,true);

How to get the csrf token "outside" laravel view?

i have a cordova app connected to a laravel api.
I need to make a post from the mobile app to that laravel, but i need the csrf token.
I cannot do the {{csrf_field}} because the view i´m using in the mobile is not provided by laravel so no blade or laravel helpers.
I tried doing a previous ajax call only to get the token, but i don´t know if this is the best way to do it.
Thank you!
In your case I wouldn't recommend to you to get the CSRF token.
Instead I'd suggest you to construct a personal authorization code (per user) or removing the corresponding URLs from the CSRF check (maybe even the whole API).
The token is linked to the currently authenticated user. What you're trying to do won't work.
Try using the API middleware to login and store the token on the mobile app, and use that to identity yourself.
While as the other answers have said, this isn't a recommended solution for your problem, Laravel has a helper function to give you the CSRF token, aptly named csrf_token().
It's listed on the helpers page of Laravel's documentation: https://laravel.com/docs/5.4/helpers#method-csrf-token

Should i use Laravel Passport or JWT resource?

I know passport uses oAuth, but my question is.. is it better to use Passport for Auth (Login and Register) or should i use jwt for login and register and Passport for external API requests... or use passport for both (User API and Login/AUTH)
Now i'm programming a SPA website with laravel and VueJs 2, i'm stuck in this.
Laravel Passport does, in fact, use JWT so comparing "JWT vs Passport" is kind of wrong.
You can use Laravel Passport for everything you mentioned - logging in, registering (not built-in in Passport but easy to add) and protecting external API requests.

Codeigniter Tank_auth library | How to protect controllers and show login page if user not logged in

I have successfully implemented the Tank Auth library to my CodeIgniter project and would now like to protect my 'members' controller.
How can I stop users that have not registered and logged in viewing my members pages?
If there a default function in tank_auth to do so? If not how should I go about doing so?
Add this to the __construct function of your controller
if(!$this->tank_auth->is_logged_in())
{
redirect('/auth/login');
}

Resources