PHP Authentication system

[channel5]

Hi

 

I'm looking for a PHP authentication system. Requirements are:

 

1): Not session based (so I can spread over multiple servers).

2): Verify email address functionality

3): Has an API that I can pluck the users details out of (i.e. I don't want to just log in a user and then forget who they are)

4): Preferably has preference system built in

5): Open source

 

Anyone got any suggestions for systems I should look at?

 

cheers

c5

[JJohnsenDK]

joomla

[channel5]

Hi JJohnsenDK, thanks for the speedy reply

 

I'm actually looking for more of a module that I can incorporate into my existing in-house developed sites. I'm not looking for a complete CMS system, just some code libraries that I can use to add authentication to my own scripts.

 

Hope this clarifies

[AdRock]

http://www.devarticles.com/c/a/PHP/Creating-a-Membership-System/1/

[channel5]

Hi

 

Thats a great example thanks, but it isn't quite what I am after as it still uses sessions.

 

I am after something that works like this:

 

http://jcay.com/php/scripts-and-programs/user-authentication/smk-php-authentication-class.html

 

unfortunately the system described on that page no longer seems to exist anywhere!

[rarebit]

lol, that repeats itself a bit... and it still use's sessions!

 

Right when it set's a session, include a bit of page from each of the other severs, this bit of page set's a cookie (from each server!). Every page request must do same, so each page tells each other server that is logged in. But basically underlying is same system.

[channel5]

lol, that repeats itself a bit... and it still use's sessions!

 

Right when it set's a session, include a bit of page from each of the other severs, this bit of page set's a cookie (from each server!). Every page request must do same, so each page tells each other server that is logged in. But basically underlying is same system.

 

 

Hi Rarebit.. yea that would work, but it would be a bit long winded and the scalability then becomes an issue.

 

There must be a code library out there that does what I am after, its a pretty standard technique, just every one I am finding uses the session shortcut which just won't work for what I am doing..

 

 

[rarebit]

I don't know about a library cos I tend to do it myself, but I can't logically work out a way other than cookies, unless you get the actual server programs to communicate with each other and have the ability to authenticate the same user, cookies is the way. Also, a session is just a cookie with a limited lifespan!

[channel5]

Well when I say no use of sessions i mean no use of server side sessions.

 

I don't want the app to be reliant on sending a logged in user to the same server every time, basically I'm trying to build a very fault tolerent system.

 

Using client side cookies with the session data stored in the database layer means that I don't have to worry about the user always being on the same server.

 

And yes I could code it all up from scratch, but basically if there is a library that does this already then why re-invent the wheel?!

 

cheers

c5