Adding Authentication

Using BasicLoginPage

There is a basic authentication page support in CrudKit, which only provides you a nice user-interface for making a login page. You will have to verify the username and password yourself (against a database or any other means).

The key principle is to add the authentication code BEFORE you call $app->render ().

<?php
// Create a new CrudKitApp object
$app = new CrudKitApp ();

// 
// HANDLE LOGIN
// 
$login = new BasicLoginPage ();
$login->setWelcomeMessage ("Use credentials admin/demo or user/demo"); // Change this as you want
if ($login->userTriedLogin ()) {
    $username = $login->getUserName ();
    $password = $login->getPassword ();

    // TODO: you should use your own authentication scheme here
    if ($username === 'admin' && $password === 'demo') {
        $login->success ();
    }
    else if ($username === 'user' && $password === 'demo') {
        $login->success ();
    }
    else {
        $login->fail ("Please check your password (admin/demo) or (user/demo)");
    }
}
$app->useLogin ($login);
// If there is no successful authentication, no code below this will be executed

// 
// TODO: Configure the rest of your app here
//  

$app->render ();
?>

Building your own authentication from scratch

CrudKit’s designed in a way that makes adding your own authentication and security a breeze. To do this, simply make sure that the user is authenticated by checking the cooke or session at the beginning of the script, before creating the CrudKitApp object, or calilng render.

All AJAX requests pass through the same file, so your application will also be immune to people forging requests to the AJAX APIs, which is a security vulnerability for many applications

<?php

function user_logged_in () {
	// TODO: Check if the user has logged in maybe by querying $_SESSION or a cookie.
	return false; // or true if the user is logged in
}

if(!user_logged_in()) // Check if the user has logged in 
{
	echo "Need to log in";
	exit();
}

$app = new CrudKitApp();

// Configure the app

$app->render ();
?>

Built by Anirudh Sanjeev. CrudKit is distributed under the MIT/X11 License.