Search code examples
codeigniterion-auth

Extending ion auth to only allow registrations from certain email addresses/domains

I want to extend Ion Auth to only allow certain email addresses to register.

I'm fairly sure I could hack this together and get something working, but as a newbie to codeigniter and ion auth I wish to find out if there is a "proper way" to be doing what I need?

For instance can I "extend" ion auth (so I can update ion auth core files without writing over my changes?).

I noticed there are also hooks including this one (in the register function):

$this->ci->ion_auth_model->trigger_events('pre_account_creation');

Where do these resolve and can I use this one in order to intercept registrations from email addresses which don't match a list of those I wish to register?

If so, how would I do it? I would need access to the $email variable from the register() function.

Or is it just a case of altering the base code from ion auth and not updating it in the future?

Thanks for any help you can give me. Don't worry about the email bit, I'm capable of working out whether an email address matches the required email domains, I'm more interested in what is the best way to go about extending the library.

Tom

EDIT: Hi Ben, thanks for your answer, and thanks for taking the time to have a look at my issue. Unfortunately this hasn't helped.

I guess what you're trying to do there is add a little bit to the sql query a "where in" clause? I guess that the where in bit is incorrect as there isn't a column name.

Also, at this point I can't modify the sql query satisfactorily to produce the required output. e.g. I can add a hook to a function which is literally $this->db->where('1=1') and this outputs this sql in the next query:

SELECT COUNT(*) AS `numrows` FROM (`users`) WHERE `1=1` AND `email` = '[email protected]'

The AND email = '[email protected]' bit will always still return no rows. It should be OR email = '[email protected]', but without editing the Ion Auth core code then I won't be able to change this.

I am starting to suspect (from the last couple of hours of tinkering) that I may have to edit the ion auth core in order to achieve this.

Solution

  • In the end I just wrote a little form_verification callback function which I put in the auth controller of ion_auth which checked through a list of allowed domains. :)