Step 3.4 – Creating the profile page with Ion Auth

Created at: February 5, 2015; Last update: March 11, 2016

(Created at: February 05, 2015; Las update: March 11, 2016

All good and well: we’ve done our login and logout pages, we’ve facilitated the administration of users and groups using Ion Auth. But what about the profile page? What if the user wants to change his/her credentials or our default password (which, shockingly, is… “password”).

For this it would be nice to have a profile page, where the user can do his/her own changes. We will not allow the user to change its own email or username, even if it is an admin. We should let this part in the hands of the other administrators (but you can do whatever you want in the end).

For the profile page we will create a profile() method inside the application/controllers/admin/User.php controller.

So let’s first modify the top menu (application/views/templates/_parts/admin_master_header_view.php) in order to put a link to the profile page.

Now going to our User.php we create the profile() method that, after interrogating the database, will output the profile page:

Nice… Now the application/views/admin/user/profile_view.php:

 

And that’s it: we can say that we’ve set up the security. Did I miss something? Please write a comment below.

A good advice would be to delete the Auth.php that we’ve pasted from the Ion_Auth library, so that there won’t be any doubts about what controller(s) will be used from now on for authentication.

If you’ve followed my tutorials you should have at least what I have. Here is the application and assets directories for the application we’ve developed so far.

12 thoughts on “Step 3.4 – Creating the profile page with Ion Auth

  1. scion

    Hi! I dont understood only one thing – why you saving password like usual string? How I that password saved in DB like crypted string

    Reply
  2. scion

    Yeah, sorry I missed that – all happens in ion_auth->update method if in array $new_data present key ‘password’

    Reply
  3. Giorgi

    User class extends on MY_Controller not Admin_Controller, $this->data[‘current_user’], $this->data[‘current_user_menu’] and $this->data[‘page_title’] variables don’t exist in __construct() function. Instead they are in profile() function, but $this->data[‘user’] exist and $this->data[‘current_user’] not exist. Is it mistake?

    Sorry for my bad English. 🙂

    Reply
    1. avenirer Post author

      You are totally right. Thank you for noticing that. It is a mistake. I changed it now. Thank you again.

      Reply
      1. Solaiman

        Hi Mr. Avenirer,
        Thank you for your nice and very useful ion auth library, it is awesome.
        Would you please tell me that which method have used for hashing the password after the user is registered in DB and is it secure or strongly secure?
        Have you used Bcrypt and salt and if yes why it takes very less time to generate the hash?
        Thanks

        Reply
  4. faisal

    thanks for the best tutorial!

    one question: when i logout of /admin i am also logged out of /user.

    how can we keep this as separate sessions ?

    thanks.

    Reply
    1. avenirer Post author

      Hello. You can’t be a normal user and an admin user at the same time. There is only one session between your website and your browser. You could however create some sort of library that could do such a thing.

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

No spam? * Time limit is exhausted. Please reload CAPTCHA.