How to develop a login and registration system in CodeIgniter 4
Let us develop a registration and login system in CodeIgniter 4 and MySQL database for the customers. There will be a simple home page with options for registration and login. Customers can submit a registration form. Once registration is successful, customer can login into the application. You will also learn form validation in CodeIgniter 4.
We will be using a folder named 'projects' in D:\ drive and installed CodeIgniter 4 in customer folder under projects directory. So, the root directory is D:/projects/customer.
We will have a Controller - Customer.php, Model - ModelCustomer.php and three views - home.php, login.php and signup.php under Views folder
$table is used to indicate that the model will primarily use this table. However, you can use other tables also in the query.
Step 3 - Write Controller code (Customer.php)
Our controller function will have an index() method, signup() method, login() method and logout() method. See the code below at the beginning of the controller:
<?php
namespace App\Controllers;
use CodeIgniter\Controller;
use App\Models\ModelCustomer;
class Customer extends Controller {
protected $model;
public function __construct() {
helper(['form', 'url']);
$this->model = new ModelCustomer();
}
public function index() {
echo view('home');
}
}
In the constructor method, form and url helpers are loaded. Then an instance of the model is created. Home page screen is given below:
Let us now add the methods for Signup, Login and Logout in the controller.
Controller Method signup()
When user clicks on Signup link in home page, this method is called. If the form is submitted, it does validation for the input fields using validation rules. If validation is fails, it reloads the view with val;idation error message. But if all fields are validated successfully, this method inserts the data in the table using the model. Let's see the code for signup() method.
public function signup() {
$element = [];
$element['succ_msg'] = "";
$element['err_msg'] = "";
if ($this->request->getMethod() === 'post') {
$rules = [
'name' => [
'label' => 'Name',
'rules' => 'trim|required',
],
'email' => [
'label' => 'Email Id',
'rules' => 'trim|required|valid_email|is_unique[customer.email]',
],
'password' => [
'label' => 'Password',
'rules' => 'required',
],
'conf_pwd' => [
'label' => 'Confirm Password',
'rules' => 'required|matches[password]',
]
];
$errors = [
'name' =>[
'required' => '{field} is required'
],
'email' => [
'required' => '{field} is required',
'valid_email' => 'This is not a valid email address',
'is_unique' => 'This email id already registered'
],
'password' => [
'required' => '{field} is required'
],
'conf_pwd' => [
'required' => '{field} is required',
'matches' => '{field} does not match with Password'
],
];
if (!$this->validate($rules, $errors)) {
echo view('signup',$element);
}
else {
// validations are successful, go for signup
$name = $this->request->getPost('name');
$email = $this->request->getPost('email');
$password = $this->request->getPost('password');
$password = password_hash($password,PASSWORD_DEFAULT);
$data = array('name'=>$name, 'email'=>$email, 'password'=>$password);
$result = $this->model->save($data);
if ($result){
$msg = 'Signup successful, please login with your email id and password';
$element['succ_msg'] = $msg;
}
else{
$msg = "Error in Signup";
$element['err_msg'] = $msg;
}
echo view('signup',$element);
}
}
else {
echo view('signup', $element);
}
} // end of method signup
$this->model->save() method will insert the row in database table.
Controller Method login()
Method login() is called when user clicks on Login link in Home page. On successful login, it redirects the user to the home page where it shows a welcome message and a logout option, otherwise it reloads login view with the error message. Let's see the code:
<?php
public function login(){
$session = session();
if ($this->request->getMethod() === 'post') {
$email = $this->request->getPost('email');
$password = $this->request->getPost('password');
// validate fields
$rules = [
'email' => [
'label' =>'Email Id',
'rules' => 'trim|required'
],
'password' => [
'label' => 'Password',
'rules' => 'required',
]
];
$errors = [
'email' => [
'required' => '{field} is required',
],
'password' => [
'required' => '{field} is required'
],
];
if (!$this->validate($rules, $errors)) {
// validation not passed, so load the form again
echo view('login');
}
else {
$result = $this->model->where('email', $email)->first();
if($result){
$pass = $result['password'];
$verify_pass = password_verify($password, $pass);
if ($verify_pass) {
$sess_array = [
'email' => $result['email'],
'name' => $result['name'],
];
$session->set($sess_array);
return redirect()->to('/customer');
}
else {
$session->setFlashdata('msg', 'Invalid password entered');
echo view('login');
}
}
else {
$session->setFlashdata('msg', 'Email Id not registered');
echo view('login');
}
}
}
else {
echo view('login');
}
} // end of method login
It uses an array to store name and email in the session, so that name and email can be used anywhere in the application.
Controller Method logout()
Method logout() deletes the session and redirects the user to the home page. See below:
public function logout() {
$session = session();
$session ->destroy();
return redirect()->to('/customer');
}
So, these were our controller methods, now let's see the Views in next step.
There will be three views for home page, signup page and login page. Additionally, there will be a custom css file and a small piece of JavaScripts for showing/hiding password in login page. Let us take a look at them one by one.
View for Home Page
Our home page is simple, it just displays two links, one for signup and other for login if customer is not logged in. But when customer is logged in, it will display welcome message with the name of the customer and a logout link. Below are the screens for before login and after login:
Signup page will display a form for the customer to fill and submit. It has name, email id, password and confirm password fields along with a submit button.
Note that csrf_field() is added for CSRF protection and related error will be displayed using session()->getFlashdata('error'). To enable CSRF protection for post requests, update app/Config/Filters.php to add csrf for post in $methods property.
public $methods = ['post' => ['csrf'],];
View for Login Page
Login page will have email_id and password as input fields. See below code:
Here, we have included a JavaScript file scripts.js. We will use JavaScript function for the option "Show Password" which is added as checkbox. When user clicks on it, it calls a JavaScript function togglePwd() written in scripts.js.
Below is the code for togglePwd() function:
scripts.js
function togglePwd() {
var pwd = document.getElementById("password");
if (pwd.type === "password")
pwd.type = "text";
else
pwd.type = "password";
}
This function changes the type of the password field in login page, from "password" to "text" and vice versa.
Let me give the stylesheet also I created for all these views.
$routes->setDefaultNamespace('App\Controllers');
$routes->setDefaultController('Customer');
$routes->setDefaultMethod('index');
$routes->setTranslateURIDashes(false);
$routes->set404Override();
$routes->setAutoRoute(true);
/*
* --------------------------------------------------------------------
* Route Definitions
* --------------------------------------------------------------------
*/
// We get a performance increase by specifying the default
// route since we don't have to scan directories.
$routes->get('/', 'Customer::index');
$routes->get('/signup', 'Customer::signup');
$routes->get('/login', 'Customer::login');
$routes->get('/logout', 'Customer::logout');
Update .env to set the environment as development. This file is in root directory.
Copy of env to .env. Update the environment from production to development as below:
# CI_ENVIRONMENT = production
CI_ENVIRONMENT = development
Test the Application
You can test the application using built-in PHP server. In the command prompt from then project root run php spark serve. This will start the server in port 8080.
Run http://localhost:8080/. This will open the home page.
Click on Signup and do a successful signup. Then using the email and password as given during signup, try to login. You should be able to login successfully and see the message displayed on the screen with the name and logout link.
Conclusion
Developing Registration and Login forms can help you understand CodeIgniter 4 if you have just started working with it. We have done form validation, used session library and used database select/insert. I hope this will help you in your project development.