Well.. kohana’s auth module is fine, but it does not work for me…
We programmers just want something we fully understand and most of the time we just write something ourselfs instead of using things that other programmers made.

That’s why i made my own auth module ( used lot of kohana’s auth module ), and i think that everyone could use this one..
The use is very simple, and the code is very easy to understand and extentable.

-auth module
-sql script

The code works just fine… and when u take a look at the code you will see alot of different kind of databases handling. That is one of the learning curves here for you guys.

Take a look at the database (mysql workbench screenshot):
Kohana auth module

Tables explained:

Stores a token especially for that user.
It basicly prevents cookie hijacking and when a cookie is used for authenication then it stores the token in this table.

The user itself.. passwords are encrypted using md5() only. I didnt want to get salt crypt get envolved in this.
The login check in the auth module also checks if an user is active or not and deleted or not.
So a user must have active in table to 1 and deleted to 0 to validate. (you could easely remove that from the module)

Pivot table.
A user can have multiple roles.

Role store, like administrator,superuser,user. Can be anything u want it to be.

Pivot table.
A role can have multiple actions.

The actions per role that u want to manage.
name: is the name that u could show in the HTML(text presentation only).
type: if you check if a user has an action it looks for this type. (more explained below)
navigationitem: not auth specific, i just use this for showing actions in a navigation

The modules to be managed.
Could be something like pages,usermanagement,products.
if module.enabled = 0 then the auth function has_action will return false
because it only validates on enabled modules (module.enabled = 1).

//if you only want to check for a role per user, delete the tables auth_actions_roles,auth_actions and modules because you wont need them.

Download the file above.
Make a database named: auth (could be of course something else BUT read further).
Execute the database.sql file on youre database engine. (the sql file will insert the data in a database called “auth”).
In the sql file there is 1 user added: username “a’ with password “a” (of course md5).
Put the auth folder with all his files in youre kohana modules folder
Goto application/config/config.php and uncomment the line below:

$config['modules'] = array
	//MODPATH.'auth',      // Authentication

*the sql script insert dummy data.

finished installing


function cookie_login() :
- tries to login the user automaticly from a cookie;
- returns TRUE or FALSE;

function has_action($module,$type) :
- looks if a user had access to a certain function from an certain module
- only validates when a module is enabled
- @param: $module: module type or module id from module table
- @param: $type: action type from auth_actions table like: edit,delete,view and so on
- returns TRUE or FALSE

function has_role($givenrole) :
- looks if a user has a certain role like: administrator
- @param: $givenrole: role defined in table auth_roles like: administrator, superuser, user
- returns TRUE or FALSE

function logged_in($role=”) :
- looks if a user is logged in
- @param: $role: optional role given, if a user is logged in but does not have the role it returns FALSE
- returns TRUE or FALSE

function login($username, $password, $remember=false)
- tries to login a user
- @param: $username: the username given
- @param: $password: the password given
- @param: $remember: optional, if given it stores a cookie with a lifetime defined in $config['lifetime'] in auth/config/config.php

function logout($destroy=false) :
- tries to logout a user
- @param: $destroy: optional, destroys all session data, including the browser cookie that is used to identify it

That’s it.

Go to youre controller where you want the auth to be doing his job.
I used just the base controller for my application in this example: application/controllers/index.php

<?php defined('SYSPATH') or die('No direct script access.');
 * Main controller
 * @package    Core
 * @author     Martijn van de Sande
 * @copyright  (c) 2007-2008 Kohana Team
 * @license    http://kohanaphp.com/license.html
class Index_Controller extends Controller {

	public function index()
		$username = 'a';
		$password = 'a';

		$auth = new Auth();
		//if you want to be remebered next time you come here
		//use this: $auth->login($username,$password,TRUE)
		//wich sets a cookie with a lifetime defined in
			echo 'username and password is correct<br/>';
		//hm... is the visitor still logged in?
			echo 'yeah user is still logged in...<br/>';

		//defined in table auth_roles
		//if you insert in by hand in the database dont
		//forget to set the link in the pivot table auth_roles_users
			echo 'you have the administrator role<br/>';

		//let's see if this user can delete something in the
		//pages module
			echo 'yeah the user can delete pages<br/>';


		//this is how i use the module table for creating a navigation:
		//watch how modules.type = used as a controller
		//of course first check if the user is logged in.
			$modules = $this->getNavigationItems();
			//loop thru each navigation item (module)
			foreach($modules as $headitem => $subitems){
				//this could be a controller
				$moduletype = $modules[$headitem]['type'];
				echo '<br/><b><a href="'.url::site($moduletype).'">'.$headitem.'</a></b><br/>';
				foreach($subitems['subitems'] as $subitem){
					echo '-<a href="'. url::site($moduletype.'/'.$subitem['type']).'">'.$subitem['name'].'</a><br/>';

	//get the modules and actions for in the navigation menu
	public function getNavigationItems(){
		$auth = new Auth;
		$db = new Database;
		$result = $db->query('
									modules.id as moduleid,
									modules.name as modulename,
									modules.type as moduletype,
									auth_actions.type as actiontype,
									auth_actions.name as actionname
									modules.id = auth_actions.module_id
									auth_actions.navigation_item = 1
									modules.enabled = 1
		$returnArray = array();
		foreach($result as $value){
				$returnArray[$value->modulename]['subitems'][$i]['type'] = $value->actiontype;
				$returnArray[$value->modulename]['subitems'][$i]['name'] = $value->actionname;
					$returnArray[$value->modulename]['type'] = $value->moduletype;
		return $returnArray;



Feel free to manipulate the whole class.
If ya like it or just dont like it, or u have find some bugs let me know.
If you think it needs some improvements let me know.

That’s easy!

Share and Enjoy:
  • Digg
  • del.icio.us
  • Facebook
  • Mixx
  • Google Bookmarks
  • Furl
  • LinkedIn
  • StumbleUpon
  • Technorati
  • TwitThis
  • NuJIJ