Setting Up Tank Auth

(Version en español)

NOTE: The below instructions have been tested with CodeIgniter 2.1.0 and TankAuth 1.0.9; and they work fine. There is one additional change that must be done in the config.php file (CI), it is related to the new parameter ‘encryption_key’.

Tank Auth is an authentication library based on DX Auth, developed for the PHP framework CodeIgniter. This brief tutorial shows the steps needed to install TankAuth.

The following applications and libraries were used:

• Ubuntu 10.04
• PHP 5.2
• MySQL 5.1
• Eclipse Galileo (3.5) with PHP Development Tools (PDT).
• CodeIgniter 1.7.3
• TankAuth 1.0.7

1. Creating a New Project

The first step is to create a new Eclipse PHP project by selecting FILE → NEW → PHP PROJECT. The project name I used was TankAuthLogin and the default options should be selected (to keep it nice and simple).

* The new project should be created in the /var/www/phpsites folder. This folder was configured to store all the web sites and it is accesible via http://localhost/phpsites.

2. Integrating CodeIngiter and TankAuth

Once the project is created, you must download CodeIgniter (CI) and TankAuth. The CI zip file contains two folders: SYSTEM, USER_GUIDE and one file: INDEX.PHP. The SYSTEM folder and the INDEX.PHP file must be copied into the TankAuthLogin project. To include the TankAuth library, follow these steps:

• Copy the APPLICATION content folder into CI APPLICATION folder.
• Copy the CAPTCHA folder to the CI folder.
• Create the TankAuth DB tables (described below).
• Open APPLICATION/CONFIG/CONFIG.PHP file and update the $config[‘sess_use_database’] variable to TRUE.

After this, you will get the following file structure:

3. Creating The TankAuth Tables

TankAuth includes a SCHEMA.SQL file which the queries to generate the required tables. You can run this file using any DB administration software; I ran this file using MySQL Query Browser and the tables were created under the TankAuth schema. Once the file is executed, you will get the next table structure:

4. Configuring TankAuth

So far, we have all the necessary files for our application, but it is not functional yet. If you try to access the web site, the following error is thrown:

To have a working site, you must modify the next set of files:

• APPLICATION/CONFIG/CONFIG.PHP-> base_url variable must be updated as follows:
  • $config[‘base_url’] = “http://localhost/phpsites/TankAuthLogin“;
• APPLICATION/CONFIG/AUTOLOAD.PHP -> captcha plugin must be added (OPTIONAL):
  • $autoload[‘plugin’] = array(‘captcha’);
• APPLICATION/CONFIG/DATABASE.PHP -> Update the following variables:
  • $db[‘default’][‘hostname’] = “localhost”; (database IP address)
  • $db[‘default’][‘username’] = “dbuser”; (database username)
  • $db[‘default’][‘password’] = “userpass”; (password)
  • $db[‘default’][‘database’] = “TankAuth”; (database schema)
  • $db[‘default’][‘dbdriver’] = “mysql”;
  • $db[‘default’][‘dbprefix’] = “”;
  • $db[‘default’][‘pconnect’] = TRUE;
  • $db[‘default’][‘db_debug’] = TRUE;
  • $db[‘default’][‘cache_on’] = FALSE;
  • $db[‘default’][‘cachedir’] = “”;
  • $db[‘default’][‘char_set’] = “utf8”;
  • $db[‘default’][‘dbcollat’] = “utf8_general_ci”;

After making these changes, reload the website. You should see the following web page:

NOTE: Unlike DX Auth, Tank Auth does not create a default user. You must create a user on your own. But before doing that, you must configure the CAPTCHA plugin and set the email parameters. This last step is needed because Tank Auth will send an activation link (by email) when a new user is registered (This functionality is also used on the “forgot password” option).

5. Setting Up the CAPTCHA folder

So far, if you try to register a new user you should get the following form:

As you can see, the web page does not show the CAPTCHA image, this is because the permissions that are currently set to this folder. In order to change permissions, you must provide write access to the www user. In Linux, you can run the following command:

sudo chmod -R 777 www_path/TankAuthLogin/captcha

NOTE: This command provides an easy way to set up the permissions on this folder, but you MUST NOT keep full write/read access when your code is under production.

If you refresh the web page, you should be able to see the CAPTCHA image:

6. Setting up the Email

The last step covers email setup. This functionality is used when a new user is created and when the user forgets the password. To set up the email, you must update the APPLICATION/CONFIG/EMAIL.PHP file as follows:

$config[‘protocol’]=‘smtp’;

$config[‘smtp_host’]=‘ssl://smtp.googlemail.com’; (SMTP server)

$config[‘smtp_port’]=‘465’; (SMTP port)

$config[‘smtp_timeout’]=’30’;

$config[‘smtp_user’]=‘googleuser’; (user@gmail.com)

$config[‘smtp_pass’]=‘userpass’; (gmail password)

$config[‘charset’]=‘utf-8’;

$config[‘newline’]=“\r\n”;

GMAIL is being used as the email provider in this example, but you can always use a different provider.

7. Registering a New User

Once the required fields are filled and the user is registered, the following message is received:

After this, the application will send the message to the registered email address. This message will contain the activation link which, when clicked, will make the user active and he/she will be able to log into the application:

Finally, the following authentication message is thrown when the user provides its credentials:

Hi, userlogin! You are logged in now. Logout