2022-06-02 by Lonnie Ezell

Filed under:

One of the most requested features in CodeIgniter for years has been an authentication/authorization solution. I'm proud to announce that today is that day. CodeIgniter now has an official auth library: Shield.

Among the many features that Shield ships with are:

  • Session-based authentication (traditional email/password with remember me)
  • Stateless authentication using Personal Access Tokens
  • Optional Email verification on account registration
  • Optional Email-based Two Factor Authentication after login
  • Magic Login Links when a user forgets their password
  • Flexible groups-based access control (think roles, but more flexible)
  • Users can be granted additional permissions
  • User Entity and UserModel ready for you to use or extend
  • A simple helper that provides access to the most common auth actions
  • Easily extendable controllers
  • All required views that can be used as is or swapped out for your own
  • Highly configurable
  • Built to extend and modify
  • Save initial settings in your code so it can be in version control, but can also be updated in the database, thanks to our Settings library

While this is a beta release, it already provides a fairly thorough set of features, that should handle the needs of 80% of the projects your work on. We hope you find it helpful, and we're looking forward to see it continue to help you build secure applications in the future.

View forum announcement