CodeIgniter’s structure is built around the idea of re-usable libraries, helpers and models and we’ve taken that concept to the nth degree in Nova by building our own authentication library to handle things like logging in, checking login attempts, setting session variables, setting cookies and much more.  The best part about the Auth library though is that it’s available to any developers to use for checking a user’s credentials or hashing a string!

I realize this is a topic that the average user is going to read with glazed eyes, so I’ll do my best to keep the technical details to a minimum.  Essentially, the library is a PHP class that handles checking a user’s credentials and passing information around the class for doing things like setting session variables or checking if a user is a system administrator.  Because the Auth library is separate from the login page, it means we can reuse those components elsewhere in the system, giving us a whole new level of flexibility with our components, something SMS never had.

Why would a developer care about this?  Being able to verify if a user is a system administrator allows a developer to create a page with logic to show a link or different components based on that without having to manually write the code to do so.  More to the point though, building the Auth library like this has allowed us to add a killer feature to the system: remember me.

The Nova login page now includes a check box that, when checked, will set a cookie with the user’s username and password.  If a user goes to the site and has that cookie set, Nova will automatically log them in so they can continue with what they’re doing without interruption.  By default, the cookie will be active for 14 days, but that setting can be changed from the config files.  For the span of a few weeks a few years ago, several people requested the feature, but CodeIgniter made it incredibly easy to add this feature.  How easy?  The entire authentication system was built in 2 days as opposed to the weeks it took to build and tweak the SMS authentication system.