redirect to admin and user based on user role in code igniter

Question

If the admin is logging in. I want him to go to admin/dashboard. otherwise to the users dashboard. The controller of login is follow. In the users table, I have a column of 'role' and the value are '1' and '2'. 1 stands for admin and 2 for user. and there is separate table for role.

Login User function

public function login(){
    $data['title'] = 'Login';

    //validating form
    $this->form_validation->set_rules('username', 'Username', 'required');

    $this->form_validation->set_rules('password', 'Password', 'required');

    if($this->form_validation->run() ===FALSE){
        $this->load->view('templates/header');
        $this->load->view('users/login', $data);
        $this->load->view('templates/footer');
    }else{
        //Get username
        $username = $this->input->post('username');

        //Get password in md5 
        $password= md5($this->input->post('password'));

        //Login User.... passing username and password
        $user_id = $this->user_model->login($username, $password);

        //checking userid
        if($user_id){
            //creating session if user_id is present
            $user_data=array(
                'user_id'=>$user_id,
                'username'=>$username,
                'logged_in' => true
            );

            $this->session->set_userdata($user_data);
            //set message               
            $this->session->set_flashdata('user_loggedin', 'Login successful');
            redirect('posts');                  
        }else{
            //creating session if user_id is not present
            $this->session->set_flashdata('login_failed', ' Invalid credentials');
            redirect('users/login');
        }
    }
}

Answer 1

The main developer of the contemporary CodeIgniter , Mr Lonnie Ezell

in this post on the CodeIgniter's forum, https://forum.codeigniter.com/thread-67063-post-339924.html#pid339924

explains the use of CodeIgniter filters http://codeigniter.com/user_guide/incoming/filters.html

Please , pay attention to and kindly note the example he does

Thinking about who writes the post... you have the correct CodeIgniter's approach for the users and admins accessibility delimitations

So let's create your filter in /App/Filters by copying the skeleton you find in the documentation @ https://codeigniter.com/user_guide/incoming/filters.html#creating-a-filter

e.g. save it as /App/Filters/AccessFilter.php

customize the name according with your needs and fill the before method with your is-logged-in check and redirect action if not logged in

then go to the Filters configuration setup in /App/Config/Filters.php and

1. assign your brand new created filter an alias name

   'accessCheck' => \App\Filters\AccessFilter::class

2. select the policy that best fits your need, e.g. the bottom one in the Filters.php config file and note the provided hint that comes with the default CodeIgniter installation it tells

   /* List filter aliases and any before/after uri patterns that they should run on, like: 'isLoggedIn' => ['before' => ['account/*', 'profiles/*']], */

well so let's use it

public $filters = [
    'accessCheck' => ['before' => ['controllerName(/*)?']]
];

where controllerName is the controller you want to deny access if the user is not logged in

please note that you can deny multiple controllers as array and also note that the regex condition will stop the access to every method of the controller including the index() one

so it will stop both

• site_url("/controllerName")
• site_url("/controllerName/*")

Bonus: Also note that filters can be set in the custom routes strings as parameters https://codeigniter.com/user_guide/incoming/routing.html#applying-filters ( this selective use, will allow to e.g. avoid already logged in users to access the login page or the sign up page and other similar "deviations" )

Answer 2

while validating the user, you have to send an array as a response to login call.

$user_info = $this->user_model->login($username, $password); // User Info should be an Array $user_info = array('user_id' => '123', 'role' => '1'); if exist and $user_info = array(); if not


if(isset($user_info['user_id']) && !empty($user_info['user_id'])) {
$user_data=array(
        'user_id'=>$user_info['user_id'],
        'username'=>$username,
        'logged_in' => true
    );

$this->session->set_userdata($user_data);
$this->session->set_flashdata('user_loggedin', 'Login successful');
if($user_info['role'] == 1){
    redirect('admin/dashboard');
} else {
    redirect('user/dashboard');
}

}

Sure this will help you.

Answer 3

I don't know exactly the column name what you set for user role. Say this is user_role_id and here is my example for you.

    //checking userid
    if($user_id){
        //creating session if user_id is present
        $user_data=array(
            'user_id'=>$user_id,  // you should change this variable to $user_id['id']
            'username'=>$username,
            'logged_in' => true
        );

        $this->session->set_userdata($user_data);
        //set message               
        $this->session->set_flashdata('user_loggedin', 'Login successful');
        if($user_id['user_role_id'] == 1){
            redirect('admin/dashboard', 'refresh');
        }
        else if($user_id['user_role_id'] == 2){
            redirect('users/dashboard', 'refresh');
        }                
    }else{
        //creating session if user_id is not present
        $this->session->set_flashdata('login_failed', ' Invalid credentials');
        redirect('users/login');
    }