Shield is a comprehensive authentication and authorization library for CodeIgniter 4, which simplifies implementing authentication in your application.
When building web applications, securing your application’s authentication and authorization is paramount. Enter Shield, the official authentication and authorization framework for CodeIgniter 4. Designed with flexibility and security at its core, Shield provides a robust set of tools that cater to common authentication needs while allowing developers to extend and customize it as necessary.
What is Shield?
Shield is an authentication and authorization framework specifically designed for CodeIgniter 4. It is not just another set of security tools; Shield provides a flexible base that can be easily modified to fit a wide range of application needs. Whether you’re creating a simple user authentication flow or a more complex system with roles and permissions, Shield has you covered.
Important Features of Shield
Shield offers a wide array of features that cater to different authentication requirements:
- Session-based Authentication: Traditional username/password authentication with a “Remember-me” feature.
- Stateless Authentication: Supports Access Tokens, HMAC SHA256 Tokens, and JWT for stateless, API-based authentication.
- Optional Email Verification: Email verification is available during account registration to enhance security.
- Two-Factor Authentication (2FA): Email-based 2FA can be enabled to secure logins.
- Magic Link Login: A password-less login option for users who forget their passwords, offering convenience without compromising security.
- Flexible Group-based Access Control: Think of it as roles but more adaptable; Shield allows users to be granted additional permissions beyond their group settings.
- Auth Helper: A simple utility that gives quick access to the most common authentication actions.
- Configurable Settings Management: Initial settings can be saved in your codebase for version control and updated dynamically in the database using the Settings library.
- User Entity and User Provider: Pre-built User Entity and UserModel that you can use as-is or extend to suit your application’s needs.
- Extendable Controllers and Views: Shield’s controllers and views can be used out of the box or replaced with your custom implementations.
- Highly Configurable: Every aspect of Shield can be configured to match your security and functional needs.
Primary Goals of Shield
The primary goals of Shield revolve around flexibility, security, and comprehensive functionality. Shield is designed to be highly flexible, allowing developers to extend or override almost every part of the framework. This adaptability gives developers the power to customize Shield according to their specific project requirements, making it a versatile choice for various applications.
Security is at the heart of Shield’s design, ensuring that all aspects of authentication and authorization are built with robust security measures. As a dedicated authentication library, Shield prioritizes safeguarding user data and access controls, addressing potential vulnerabilities and ensuring a secure environment for users.
Moreover, Shield offers a comprehensive set of features right out of the box, designed to meet many common authentication needs without requiring extensive configuration. Despite its rich feature set, Shield maintains simplicity and allows developers to easily add additional functionalities when needed. This combination of flexibility, security, and extensibility makes Shield an excellent choice for developers seeking a powerful yet adaptable authentication solution for their CodeIgniter 4 applications.
Create CodeIgniter 4 Project using Composer
Now let’s create our first CodeIgniter 4 project with the help of Composer. I assume you already have PHP installed, or XAMPP up and running, or another PHP setup ready, along with Composer. You can also download CodeIgniter 4 from its official website, uncompress it, and you are good to go. If you choose the Composer path, navigate to the directory where you want the project to be created and run this command.
composer create-project codeigniter4/appstarter my-project
Navigate to your project directory:
cd my-project
Install and setup CodeIgniter 4 Shield via Composer
Once you have your CodeIgniter 4 project up and running, it’s time to install the Shield package via Composer. You can do this with a single Composer command.
composer require codeigniter4/shield
After that you have to set up Shield, but first make sure you have properly configured the database in your CodeIgniter project. To set up Shield, run the following command.
php spark shield:setup
It will ask whether you want to run the migrations as well; you can answer yes.
If it runs into an error saying the users table already exists, that is purely a database-related error. Check your database connection and whether the tables already exist. You may have to delete the database if possible. Then you can run the migrations manually with the php spark command like this.
php spark migrate --all
If everything goes well, you should see a success message on the command prompt.
Now you are ready to open your project in your favorite editor. In my case it is Visual Studio Code, which can be opened with a single command.
code .
Configure the Authentication
You may need to configure the authentication according to your needs. Open the Config/Auth.php file and adjust the settings as necessary. For example, you can set the authentication method, such as email and password, tokens, or others.
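As an illustration of the kind of adjustment described above, here is an added example (not code from the original post or from the Shield project) that turns on the optional email verification and email-based 2FA from the feature list and tightens the password rules. The property names and types follow the Config/Auth.php that shield:setup publishes as I understand it, so compare them with your generated file; the chosen values (12 characters, 15 minutes) are assumptions, and the email actions assume outgoing mail is already configured.

```php
<?php
// app/Config/Auth.php (added example). Only the overridden settings are shown;
// every other property keeps the default inherited from Shield's config class.

declare(strict_types=1);

namespace Config;

use CodeIgniter\Shield\Authentication\Actions\Email2FA;
use CodeIgniter\Shield\Authentication\Actions\EmailActivator;
use CodeIgniter\Shield\Authentication\Passwords\CompositionValidator;
use CodeIgniter\Shield\Authentication\Passwords\DictionaryValidator;
use CodeIgniter\Shield\Authentication\Passwords\NothingPersonalValidator;
use CodeIgniter\Shield\Authentication\Passwords\PwnedValidator;
use CodeIgniter\Shield\Config\Auth as ShieldAuth;

class Auth extends ShieldAuth
{
    // Post-registration and post-login steps. Both default to null (disabled).
    public array $actions = [
        'register' => EmailActivator::class, // account stays inactive until the emailed code is entered
        'login'    => Email2FA::class,       // emailed one-time code after the password check
    ];

    // Credentials accepted by the session authenticator: email + password only.
    public array $validFields = ['email'];

    // Assumed policy value; Shield's default minimum is shorter.
    public int $minimumPasswordLength = 12;

    // Validators run in order on registration and password change.
    public array $passwordValidators = [
        CompositionValidator::class,     // enforces the minimum length
        NothingPersonalValidator::class, // rejects passwords derived from username/email
        DictionaryValidator::class,      // rejects entries from the bundled common-password list
        PwnedValidator::class,           // checks breach corpus; needs outbound HTTPS to the HIBP range API
    ];

    // A magic link is a bearer credential sent by email: keep its lifetime short.
    public bool $allowMagicLinkLogins = true;
    public int $magicLinkLifetime     = 15 * MINUTE; // MINUTE comes from app/Config/Constants.php
}
```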
Conclusion and Using the Built-in Routes
Shield comes with everything related to authentication out of the box. You can simply navigate to the /login route to view the login page that ships with the Shield package.
Here you will see the register page link as well. You can also access the register page with the simple /register route. To log out you can simply navigate to the /logout route and you will automatically be redirected to the login page. You can also check the Mastering Shield Authentication in CodeIgniter 4: Building a Secure RESTful API (farhadurrahim.com) example.
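The built-in routes only cover login, registration and logout; your own pages stay publicly reachable until a filter is attached to them. The following added example (not from the original post or the Shield project) shows one way to do that in app/Config/Routes.php. The dashboard and admin/users/new routes are hypothetical, and the group names and the users.create permission are assumed to match the defaults in Config/AuthGroups.php.

```php
<?php
// app/Config/Routes.php (added example)

use CodeIgniter\Router\RouteCollection;

/**
 * @var RouteCollection $routes
 */
$routes->get('/', 'Home::index');

// Inserted by `php spark shield:setup`: registers /login, /register, /logout, etc.
service('auth')->routes($routes);

// Hypothetical page for any signed-in user.
// The 'session' filter redirects unauthenticated visitors to the login page.
$routes->group('dashboard', ['filter' => 'session'], static function (RouteCollection $routes): void {
    $routes->get('/', static function (): string {
        return 'Signed in as user #' . esc((string) auth()->id());
    });
});

// Hypothetical admin area: the 'group' filter requires a signed-in user
// who belongs to at least one of the listed groups.
$routes->group('admin', ['filter' => 'group:admin,superadmin'], static function (RouteCollection $routes): void {
    $routes->get('users/new', static function () {
        // Group membership got the request this far; the permission check
        // enforces the finer-grained right inside the handler itself.
        if (! auth()->user()->can('users.create')) {
            return redirect()->to('/')->with('error', 'You are not allowed to create users.');
        }

        return 'Create-user form goes here';
    });
});
```

After editing the file, `php spark routes` lists every route with its filters, which makes it easy to spot a page that was left without one.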