In this post, I discuss the details of how to use my admin module. Hopefully this covers all the stuff you need to know; if not, let me know in the comments. I'm just one guy, so it may be quicker to ask on the Kohana forums for troubleshooting. Previous writing:

  1. Setting up the basic Auth in KO3 (part 1)
  2. An overview of the functionality provided by the Auth module (part 2)
  3. Kohana 3 auth: sample implementation and documentation (part 3)
  4. Getting started with Useradmin, my Kohana 3 auth admin module (part 4; this part)

KO3.1 support is DONE, updating this tutorial to match that now. See part 3 above for changelog.

1. Installation

Changes from 3.x version of the module to 3.1.x compatible version

The useradmin module is no longer offered as a "single application" with Kohana bundled in the same repository. Instead, only the content of the /modules/user directory is now in the repository. This makes it easier to work with the repository in Github.

  • You should copy the module to your /modules -directory.
  • You need to have the kohana-email module for sending forgotten password emails for now, if you want to use that feature.
  • Kohana 3.1 no longer bundles the pagination module which is used in the admin interface. You have to get that module and enable it.
Database schema

Import the MySQL schema from /schema.sql. It will create a "useradmin" database. You might want to rename that when you start; in that case you need to change /application/config/database.php.

Watch this space! Right now, the database schema's passwords do not work out of the box. I'm working on making a script to generate a secure starting SQL file for you... For now, use Auth::instance()->hash('password') and then reset the admin password via your MySQL admin tool.

Module load order

Make sure that Useradmin is loaded before Auth in your bootstrap.php, because otherwise Kohana will not load the correct Model_User (it'll use the one in Auth, not the one in Useradmin). Example with the minimum required modules:

   'user'       => MODPATH.'user',       // Useradmin module
   'auth'       => MODPATH.'auth',       // Basic authentication
   'database'   => MODPATH.'database',   // Database access
   'orm'        => MODPATH.'orm',        // Object Relationship Mapping
   'pagination'        => MODPATH.'pagination',        // Pagination
   'oauth'        => MODPATH.'oauth',        // Kohana-Oauth for Twitter
   'kohana-email'        => MODPATH.'kohana-email',        // Kohana-Email for email

The required modules are user, auth, database, ORM, Pagination. Optional modules: Oauth (for Twitter) and kohana-email (for email sending support).

Writable directories

Make sure the /application/logs and /application/cache directories exist and are writable by your server (you'll get an error if they aren't).

Copying the static files for performance

The useradmin module now includes a simple media serving capability so that you can get started by just including the module.

However, since it is not a good idea for performance to load CSS and image files via Kohana, you should copy the /public folder to wherever you put your webroot. This way Apache will load it directly (since direct file accesses are preferred in the Kohana default htaccess file).

KO3.1 Auth configuration

In Kohana 3.1, the default hash method is now sha256 instead of sha1. This means that there is no salt_pattern; and that old KO 3.x passwords are not compatible with KO 3.1! See the discussion on this bug for more information. TL;DR: the salt pattern is weak, so if someone steals your database but does not know your salt_key, they can deduce it easily and perform a dictionary attack.

Instead, you need to configure your hash_key which gets passed to You can also use any of the hast_hmac() supported algorithms if you want to.

Use a random hash_key, for example from:

return array

    'driver' => 'ORM',
    'hash_method' => 'sha256',
    'hash_key' => NULL, // replace with random string
    'lifetime' => 1209600,
    'session_key' => 'auth_user',
    'users' => array(),

Migrating from KO3.x

Watch this space! I'm working on a better migration path than throwing out the old password database...

Important: Note that the password column should be CHAR(64) for sha256.

2. Useradmin configuration

By default, reCaptcha support and Facebook logins are disabled, but password reset via email is enabled.

Facebook login

To enable Facebook login, set the "facebook" option to true in config/useradmin.php. Then you need to copy /modules/user/config/facebook.php as /application/config/facebook.php and set app_id and secret to the values you got from Facebook. You need to register your site/app here to get those values. That's really all it takes; you can then start accepting Facebook logins.

For more info about how Facebook logins work, see my series on implementing Facebook login. No additional database changes are needed if you are using my schema.sql; otherwise you need to add one extra field to your User table (facebook_user_id BIGINT( 20 )).

ReCaptcha on registration

To enable a ReCaptcha check on registration, set the "captcha" option to true in config/useradmin.php. Then you need to copy /modules/user/config/recaptcha.php as /application/config/recaptcha.php and set privatekey and publickey to the values you get from reCaptcha. Register for reCaptcha here.

Disabling password reset via email, Facebook login or ReCaptcha on registration

If you want to disable Facebook logins, or disable the password reset via email functionality, then copy /modules/user/config/useradmin.php to /application/config/ and set either "facebook" or "email" to false. You can also change the address from which the password reset emails are sent in that file.

3. Customization

Creating your own controllers which extend Controller_App

All the controllers in Useradmin inherit from Controller_App in /modules/user/classes/controller/app.php.

You'll want you own controllers to also inherit from it, since Controller_App defines a before() action which performs the auth checks.

In addition, Controller_App provides support for template rendering: it defaults to using /modules/user/views/template/default.php. If you want to override that template, you'll want to copy the default.php file to /application/views/template/default.php and modify it.

The Controller classes for Useradmin default to using /modules/user/views/template/useradmin.php. This means that you can have one UI template for Useradmin, and another for the rest of your application. Alternatively you can integrate the two by adding links to your own template.

Naming your controllers


Sam: Not sure why I'm getting the following error when I try to use facebook login....

Kohana_Exception [ 0 ]: Invalid method generate_password called in Model_User

Any help would be greatly appreciated. Thanks!

Mikito Takada: My quick guess is: in bootstrap.php, are you loading the Useradmin module before the Auth module?

You need to load the Useradmin (a.k.a. User) module before Auth so that Kohana uses the Model_User in Useradmin which has generate_password, rather than the one from Auth, which doesn't.

Damnit! I forgot that from this page though it was discussed in the previous blog post comments. Page updated!

BTW, let me know if you get everything working (including Facebook) with this guide; I've tested this myself but I may have glossed over some details since I wrote the module.

Sam: Awesome! That's exactly what it was. I activated the useradmin module right after the auth module in the bootstrap file. Thanks for your quick response! It would of taken me hours to figure that out. =) Also, how do you disable the profile data?

Mikito Takada: What do you mean by disabling the profile data? If you mean disabling the profile editing, you can do that by creating your own Controller_User in application/classes/controller/user.php (extends Controller_Useradmin_User) and overriding the action_profile_edit function with a simple redirect back to the profile page / to the change password action. The change password action (action_change_password) is there for applications that don't want to use user profiles but still want to have a page to change the password only.

Sam: Sorry, I should of explained myself better. I meant to say the profiling information on the bottom of the page for execution time, database queries, etc etc. Thanks!

Mikito Takada: To remove the profiling information, just remove the code that prints the profiler view from the template you are using (e.g. module/user/view/template/useradmin.php or template/default.php; you can copy them to your app/views/ directory to override them).

Sam: Awesome, Thanks!

Davey: Really awesome module!

Quick question, I want to achieve this:

As you can see I want 'backoffice' in front of the controller name, how can I achieve this?

Mikito Takada: See: and

Probably something like:

Route::set('backoffice/user', 'user/(<action>(/<id>))') ->defaults(array( 'controller' => 'user', 'action' => 'index', 'id' => NULL, ));

I haven't tried this out.

Sam: Hi Mikito,

It's me again... I installed your code and everything was working fine last week but now the facebook login button no longer works. I can't even click it. Any idea? ( Thanks in advance!

Mikito Takada: Tried it out with my test account, signup via Facebook works for me on your site. If you haven't changed the code for the post-login logic, then the problem is with your browser...

If you find a specific, reproducible problem and are sure that the problem is with my module then file a bug in Github ("no longer works" is not a bug since it's not specific or reproducible). Even better, fork the code and send me a pull request with a fix.

While I appreciate people using my code, I don't do individual support/debugging :) -- except via blogging/tutorials/occasional comments which is much more efficient than personalized support... I think it's better for me to use any free time on improving the code further rather than providing support.

Sam: Thanks Mikito! I totally understand. I just find it strange that it suddenly stopped working for me. Thanks so much for looking into this for me. I will file any bug in Github next time if I find anything. =)

ellisgl: Thanks for developing this. I do have a couple questions:

  1. Since 3.1.0 is out now, are you planning on updating the code to match?
  2. It would be nice to have the session driver set via the config file.

Mikito Takada: 1) Yes, but I'm swamped with work right now, so an upgrade to 3.1.0 will be coming in a couple of weeks unless someone else wants to do it... The problem is that I have no paid Kohana projects right now, so work on Useradmin comes out of my free time budget. 2) I'll add that to the wishlist.

Jam: +1 for being able to use the native session driver, also adding the ability to set the $remember switch in the Auth ORM _login method would be awesome too.

Enrique: Hi, how can I download your code? I can't find the link... Thanks!

Mikito Takada:

Sam M: Thanks for developing this great resource.

Although I believe I found an error in the most recent version of useradmin I downloaded. When attempting to log in without the correct login or password (or just nothing at all). I would get an error in "MODPATH/user/classes/controller/useradmin/user.php" on line 289. It was:

ErrorException [ Fatal Error ]: Call to a member function errors() on a non-object

This line:

$view->set('errors', $status->errors('login'));

I replaced $status with $_REQUEST and the problem seemed to be fixed.

greg: Hey, I found it very useful but I have one problem. I am getting an error (if the login or password is wrong) when I am trying to login:

ErrorException [ Fatal Error ]: Call to a member function errors() on a non-object MODPATHuserclassescontrolleruseradminuser.php [ 289 ] 284 if ($status) { 285 // redirect to the user account 286 Request::instance()->redirect('user/profile'); 287 } else { 288 // Get errors for display in view 289 $view->set('errors', $status->errors('login')); 290 } 291 } 292 $view->set('facebook_enabled', Kohana::config('useradmin')->facebook); 293 $this->template->content = $view; 294 }

Any idea what's wrong?

Thanks in advance.

Mikito Takada: Yeah, see Sam M's comment above (it was stuck in moderation queue for a while). The fix will be built-in in the next release (which comes with awesome UI and Twitter+Google+Yahoo support).

greg: Sorry, I didn't notice the post above when I was typing. I am bit distracted today.

Sam's solution works like a charm. I just replaced the:




One more thing. If I won't be using $_GET method can I replace the $_REQUEST with the $_POST? It should work fine also, right?

About next release - awesome dude! When are you going to release it? Anytime soon? It will be working on kohana 3.0 or 3.1?

Great job!

Mikito Takada: The new release is out NOW!

It's still Kohana 3.0.x based, but there will eventually be support for Kohana 3.1.x - when I have more time...

(Edit: KO 3.1.x is now supported.)

neovive: Just wanted to say thank you for all of the great tutorials and modules on your blog.

Seb: Hey, awesome module - seriously good stuff! Will be adding the facebook/twitter image grab functions for you and will email you the code once done.

Just quickly tho, I'm getting the error"Retrieving information from the provider failed. Please register below." when trying to login via facebook, any suggestions?

Facebook privacy settings are good, everything installed as per your instructions (i think)...

Mikito Takada: Great! The error "Retrieving information from the provider..." is usually caused by having an invalid API key so that the result from Facebook cannot be verifies properly.

Check your config/facebook.php and try printing out $_REQUEST before calling if($provider->verify()) { in useradmin / classes / controller / useradmin / user.php to get the returned values..

Also, you might want to try to throw the exception from useradmin / classes / provider / facebook.php verify() to get more information...

Zoran Ivancevic: Hi, is there any way I can use this module with Doctrine instead of the default ORM? I guess I could use the ORM just for you plugin, and Doctrine for everything else, but that could be really messy.

Cieply: When i'm trying to create new account get this error: ErrorException [ Fatal Error ]: Call to undefined method Auth_File::register()

MODPATH/user/classes/controller/useradmin/user.php [ 179 ]

Kohana 3.1.2

Mikito Takada: Sorry, Useradmin is tested/meant to be used with Auth_ORM (e.g. you need to use ORM and the ORM Auth driver).

The Auth_File driver is not supported by Useradmin, the recent code updates improved the level of abstraction but I don't use Auth_File so I don't test with it. You need to port the Auth_ORM extensions to Auth_File yourself or use the ORM driver.

Zoran Ivancevic: I managed to get your module running with doctrine. Twitter, google and yahoo work fine, but with Facebook I'm having the same problem as Seb: "Retrieving information from the provider failed. Please register below."

It is failing in the vendor file, function getSession(). Session seems always to be NULL. It is in the $_REQUEST.

My api key is fine. I checked a few times.

Any suggestions?

Mikito Takada: Hi Zoran, awesome! I have been looking into using Doctrine if I do a big project with Kohana.

About the problem: you mean this file?

Then the problem is with Facebook's own PHP SDK.

If you are on Windows, then you might have problems with curl having old certificates (there is a loooong thread on this on the Facebook SDK PHP: ). Generally my impression is that Facebook's own library seems to have a lot of issues and the documentation is rather confusing.

See also:

Useradmin only does a lightweight wrapper ( ) around the Facebook PHP SDK - so if you have the rest of the module working, then the problem is with Facebook's own library...

Zoran Ivancevic: Yes, that file. In fuction getSession()

// try loading session from $_REQUEST if (!$session && isset($_REQUEST['session'])) { $session = json_decode( get_magic_quotes_gpc() ? stripslashes($_REQUEST['session']) : $_REQUEST['session'], true ); print_r($_REQUEST['session']); //bugtrace print_r($session); //bugtrace $session = $this->validateSessionObject($session); }

first print_r outputs b63a1f2864504778eb2e7b6fc0b8bfed second print_r outputs nothing

Zoran Ivancevic: Maybe the return from facebook is not set up right. Can you just tell me what should I put in facebook dev under site URL: ?

Mikito Takada: The return URL should be:

Harry: Hello, Mikito!

Thank you for the enormous effort you've put in the module.

I have a problem when I try to register a user:

Call to undefined method Auth_File::register()

in line 179 in


The line says:

Auth::instance()->register( $_POST, TRUE );

And after browsing through all of the classess declarations I found that the instance method should return an object of the class Auth_ORM (or from a class which extends Auth_ORM). But instead of that it returns an object from Auth_File class which doesn't have register method of course.

The problem obviously is happening in the instance method in modules/classes/kohana/auth.php :

public static function instance()
    if ( ! isset(Auth::$instance))
        // Load the configuration for this type
        $config = Kohana::config('auth');

        if ( ! $type = $config-&gt;get('driver'))
            $type = 'file';

        // Set the session class name
        $class = 'Auth'.ucfirst($type);

        // Create a new session instance
        Auth::$_instance = new $class($config);

    return Auth::$_instance;

I've thought I have a problem with the configuration in bootstrap.php, but it's the same as provided in the tutorial.

Could you please help me?

Andres: Hi Mikito, I only can say: "Good Job, man!". Thanks!

Useradmin works right, so taking a look to your schema.sql I can see that user_identity table has not a foreign key to, no matter with this, but it's my little improvement :)

I'm from Argentina and I'm using i18n for internationalization (using my own es-ar translation... yes, I used your i18n auto-collector script!) but, reading your code, I can see that you forgotten some function "__" calls. I added this in my code, I would share my code with you soon.

Thanks again for sharing you code with us!

Mikito Takada: Yeah, as the code you quote says if you don't configure the driver for the KO 3.1 core Auth, it will use the Auth_File driver, which is NOT supported by Useradmin (at least not yet; it's just an early start for doing that abstraction but not sure that I will implement it). Make sure you have configured auth like in the section "KO3.1 Auth configuration" above.

Please use the ORM driver in /application/config/auth.php...

Mikito Takada: Thanks Andres, this comment made my day after feeling pretty tired! I probably missed some __ calls in the last upgrade, send me the code to firstname.surname at (e.g. zipped). I'll do a merge next time I work on Useradmin.

Andres: Hi Mikito, thanks for your reply! I'm testing all Useradmin features, but when Useradmin tries to send a mail (e.g. when I clicked in the forgot password link), I received a Error: ErrorException [ Fatal Error ]: Class 'Email' not found I added the Shadowhand email module for Kohana 3.x and the old banks kohana-email module, both with the same result.

In my application bootstrap, I have:

Kohana::modules(array( 'user' => MODPATH.'user', // Useradmin module 'auth' => MODPATH.'auth', // Basic authentication // 'cache' => MODPATH.'cache', // Caching with multiple backends // 'codebench' => MODPATH.'codebench', // Benchmarking tool 'database' => MODPATH.'database', // Database access // 'image' => MODPATH.'image', // Image manipulation 'orm' => MODPATH.'orm', // Object Relationship Mapping 'email' => MODPATH.'email', // Email module 'pagination' => MODPATH.'pagination', // Pagination module // 'unittest' => MODPATH.'unittest', // Unit testing // 'userguide' => MODPATH.'userguide', // User guide and API documentation ));

Do you know why the system can't load the Email class?

Steve: Thanks man, this saved me a lot of time and works fantastically so far. The only issue I found was a call to Security::xss_clean() in the login function that didn't exist anymore, but I just changed it to HTML::chars to escape it instead and everything works great. I'll let you know if I'm able to implement any of your wish list features in the future.

Brent: Hi, I am trying to set up the module but when trying to update my database with your schema in fails on any CREATE TABLE that includes foreign key constraints with error: Error Code: 1005 Can't create table 'user_tokens' (errno: 150)

Mysql docs suggest that a column name may match an internal table name.

Any ideas anyone?

Jan Daniel: Hello, maybe you should use HTML::.. methods with last attribute TRUE - without it module styling and links will not work on application which doesnt use clean URLs.

I am pretty new to Kohana and takes me a while to solve where is a problem.

Shoaibi: Have i missed it or is there no example routes file for this module?

Mikito Takada: You don't need extra routing for most of the functionality, since the default /controller/action routes are fine e.g. /user/login/ => Controller_User -> action_login. The few additional routes for Useradmin are defined in the init.php file.

Shoaibi: great... One more question. I have got Facebook, Google, Yahoo and Recaptcha working. Twitter gives: ErrorException [ Fatal Error ]: Class 'OAuth_Consumer' not found

whereas oauth is enabled in bootstrap. Did i miss a module?

Shoaibi: One word, AWESOME. So well thought and organized, Keep the good work up.

Mikito Takada: Yeah, you need Kohana-Oauth for Twitter support:

If you need email support, you can try with banks Kohana-Email module, but I will need to give that part of the code another look to ensure 3.1.x compatibility for email sending.

Shoaibi: had a typo there, fixed that, working great.

Btw, any chances of adding user email activation support before one can login?

Mikito Takada: Maybe closer to the summer when I get a chance to recheck the email code, but for now, I have no free time! If you build it, I'll include it in the module, however.

Dinesh Shah: Mikito,

Your module is awesome. I am investigating it if I can use it my apps. It sure will help me with implementing my own auth. :-)

How do I submit a patch for changes I made to make it compatible with KO 3.1?

This patch uses Shadowhand's email module instead of Bank's which is not(?) compatible with KO 3.1 as discussed in this Kohana Forum Post -

I have also removed/replace Security::xss_clean()call to PHP's filter_vars() in reset password method.

Once again thanks for your great work.


set('username', Security::xss_clean($_GET['username']));

> // $view->set('username', Security::xssclean($GET['username'])); // KO 3.1 removed this method from Security class > $view->set('username', filtervar($GET['username'], FILTERSANITIZESTRING)); 339c340,345 / > Changes made to use shadowhand's email module (wrapper for SwiftMailer) > */ > > // $mailer = Email::connect(); > $mailer = Email::factory(); 342,345c348,355 < $subject = ('Account password reset'); < $to = $_POST['reset_email']; email_address; // $subject = ('Account password reset'); > $mailer->subject(__('Account password reset')); > // $to = $_POST['reset_email']; > $mailer->to($_POST['reset_email']); > // $from = Kohana::config('useradmin')->email_address; > $mailer->from(Kohana::config('useradmin')->email_address); > // $body = ($message, array( > $mailer->message(($message, array( 350,355c360,367 < )); < $message_swift = Swift_Message::newInstance($subject, $body) setFrom($from) setTo($to); send($message_swift)) { ))); > // $message_swift = Swift_Message::newInstance($subject, $body) > // ->setFrom($from) > // ->setTo($to); > > // if($mailer->send($message_swift)) { > if($mailer->send()) { > Message::add('success', ('Password reset email sent.'));

Carnevalle: Hi Mikito,

Thank you for an awesome module. I am still trying to get my head around Kohana and how to extend your module with my own pages, but for now I too am struggling with getting the Facebook connect to work.

I have, to the best of my knowledge, setup the API keys in the config file and configured the canvas URLS in my app to

Whenever I try to register a new user or connect a user to Facebook it just redirects me to There is no callback to my site.

Jean-Nicolas Boulay Desjardins: This is the error I get:

ErrorException [ Fatal Error ]: Call to undefined method Auth_ORM::register()

It does not make any sense...

in my boot* I have added orm and auth... I can not see why I am getting this error.

Thanks Mixu in advance :)

Mikito Takada: For future readers: We talked this over, answer is that you should load the Useradmin module before the Auth module, since otherwise the wrong file gets loaded (Useradmin extends the Core auth a little).

Jack: Would just like to add that if you are receiving a benchmark page when you extend Controller_App, that you need to set auto_render to false.

public $auto_render = FALSE;

Dinesh Shah: Mikito,

I would like to use email for all actions (login etc.). I do not want to keep 'username' column in my user table.

I have tried to over ride rules() in Model_User without success. :-(

Any pointers?

Thanks for your time.

Daniel Ribeiro Gomes: Hey man, how are you doing?

I've been working with this module for sometime now, and i'm having a trouble related to the Session Database Driver.

Somehow, when I set the default adapter to be the database adapter on bootstrap, like this:

Session::$default = "database";

I get a lost of failures on the test batteries, usually related to login actions.

I'm currently using Kohana 3.1.x, with Useradmin module enabled.

Does anyone have an idea about that?


Chris: My database is throwing an exception because in the schema, last_failed_login datetime NOT NULL so when I create a user I'm getting: Database_Exception [ 1364 ]: Field 'last_failed_login' doesn't have a default value

Marcelo Rodrigo: Your module is really awesome, good job! A hug from Brazil

Sam: @Zoran - Did you figure out how to get the Facebook API to work? I'm having the exact same problem as you and have traced it to the same getSession() function. Not sure why the session is not coming back.

Sam: Alright, I found the problem. For some reason the 'session' variable from $_GET['session'] cannot be obtained using $_REQUEST['session']. I was able to see the session variable passed in thru the address bar. So what I did was commented the section with $_REQUEST and replaced it with this:

  if (!$session &amp;&amp; isset($_GET['session'])) {
    $session = json_decode(
        ? stripslashes($_GET['session'])
        : $_GET['session'],
    $session = $this-&gt;validateSessionObject($session);

Now it works but when I try to register with a Facebook login, it tells me that it cannot obtain all the required information and the user still need to fill out the form. It works fine if you already have an account and just associate your Facebook account with it.

Maz: Thanks for this awesome module! But i still have problems with the email module on K3.1.. Is there any fix for new module for this?

Maz: Could you possibly upload the module? :-)

Dinesh Shah: @Maz,

I do not have commit access yet.

Dinesh Shah: @Mikito,

I would like to add Roles Management in this module.

How do I submit patch/files?

k2011: I am getting a "The page isn't redirecting properly" once the user logs in. Anyone with an idea of how this can be resolved? Thanks

robo: Awsome,

do you plan to write about acount validation via a link in an email? is this feature included in auth?

buggy-13: I hava a question about validating register form.


public function rules() { $parent = parent::rules(); // fixes the min_length username value $parent['username'][1] = array('min_length', array(':value', 1)); return $parent; }

I have checked and I think line '$parent['username'][1] ' overrides: array('max_length', array(':value', 32)),

is it correct?

I use Kohana 3.2

Crates: I have a copy of this suite updated for Kohana 3.2 if anyone wants it. Send me an e-mail (typing at gmail dot com) if you want a copy.

Nightnyt: @Crates send me one :)

Lyndon: I'v also ported this to ko3.2. I had a lot of issues with getting the user_identity table to work. It didn't help that there were multiple versions of the database with different table names. In the end I worked out that it was converting the table name user_identity to user_identities because of the ORM $_table_names_plural value. After fixing that and making a few other small changes everything seems to be working fine.

Does anyone know if the introduction of $_table_names_plural to the ORM module is new to 3.2? I dont even understand why it would be used....

Let me know if people will be interested in the updated module and I'll make it publicly available.

dex: send me one too please :)

Nightnyt: we can work to create a basic tutorial on how the framework works. like basic login, registration, fetching data etc.

im just planning to make one soon, but im still new on this. so 3.2 would be a great start.

Crates: Yeah, I had the same problem with the pluralities. There are still some issues I'm working out with the retrieval and commitment of data in the user management screen; the creation of the users is working but the view/edit is screwy. Lyndon, if you've already worked that out, e-mail me (; if not, well, I should have it taken care of in a day or two.

There's already been like seven people requesting me via e-mail for the finished copy of this script, and my boss really wants it too (^_^) so I should be able to hook everyone up very soon.

Crates: Okay... I'm almost done with the changes to the 3.2 port and I've created a Google Code project for anyone who wants to help to maintain it or wants a copy in the future.

Mikito, please e-mail me ( if you are reading this because I could REALLY use some advice to expedite the completion of this migration.

Right now I'm working on resolving some issues with OAuth, as that component is still only partially working.

Jeremie Weldin: @crates: why not just fork the project on github?

Jeremie Weldin: "If you just need an extra field, you can add that in the database. The code for saving users is flexible enough that it will save new fields if they exist in the database."

I noticed that when attempting to add new fields to the user table, you can't just add fields to the database and then modify the views. The register method of Useradmin_Auth_ORM calls:

$user->create_user($fields, array( 'username', 'password', 'email', ));

which sets the expected fields to only the 3 specified. In order to add fields to the user you would need to pass NULL for the expected fields or add your custom fields to the array.

Please correct me if I am wrong.

Kenny: I managed to get everything to work in Ko 3.2 — update the Controller Action Parameters in user.php as the conventions have changed and the provider_name was returning null so I put: $provider_name = $this->request->param('provider');

Also gotta update oauth with the patch Revision 78867c4b from the kohana repo.

And some other things too, but for me those seemed to be the key things...

Don't forget to update any references from user_identity to user_identities...

Thanks to Mixu for putting this together, it's a great way to get into Kohana.

Enigma: Hi Kenny/ Crate ... can you share the working 3.2 code for useradmin .... kindly let me ... im quite to kohana ... just want to start now ... kindly help me

Enigma: Kohana 3.2 Modules Changes

Just be brave and copy the 3.1 module enable it and set it as mentioned above.

  1. The first issue would the table name 'user_identities ' .... just rename the table 'user_identity' to user_identities.

  2. Just login and It will look like everything is working then you would find that pagination has a issue just change 'Kohana::config' to Kohana::$config->load

  3. All set now for your own auth .. now lets look at the providers ... you try to connect but you would be getting 'Provider is not enabled; please select another provider or log in normally.' The providers are enabled by default ... but the issue is $provider_name = null ... search for it and right below it add this line

$provider_name = $this->request->param(‘id’);

Kenny's suggesting didnt work for me... just Debug::var($this->request) ... $provider_name = $this->request->param(‘provider’) is not right , param('id') seems to be the right one.

I will keep posting updates as i digg through it and its just a while since i started :) hope we will be having a complete working port here soon .... guys if im missing something kindly correct me ... this is one of the core modules and its very important its up to date ... lets share the pain :)

Kon kana: Can anyone share the latest or 3.2 based version link....

bigredc2: I would love if you could send me your 3.2 port of this. My email is (bigredc at hotmail)

John: Thank-you very much Mixu.

This would have to be one of the best resources (the documentation and discussion) out there and it is exactly what I am looking for.

Would love a 3.2 version, or some help....

I changed table to user_identities... I added a default value for users.last_failed_login Now I have not 'an instance of Validation' in user.php on line 217.

I appreciate modules and documentation like this.... to learn from, to leverage off,... but (unfortunately) I am almost good enough to be a user of these tools, but not a developer of....

Any pointers or assistance greatly appreciated. If anyone has code that works with Kohanan 3.2 then I'd love a copy. :-) Thank-you

Enigma: Do u have a working 3.2 copy ? if anyone does kindly mail me at

Enigma: 4. MODPATHpaginationclasseskohanapagination.php [ 199 ]


return URL::site(Request::current()->uri).URL::query(array($this->config['current_page']['key'] => $page));


return URL::site(Request::current()->uri()).URL::query(array($this->config['current_page']['key'] => $page));

current()->uri become current()->uri()

to be continued .... im going to add the changes as they come .... hope im going the right way and the community notices this .... 3.2 migration is really needed ... and almost a month since i looked in to it but ... guys lets close this off today :) ...

Enigma: 5. MODPATHuserclassesuseradmincontrolleradminuser.php [ 76 ]


public function action_edit($id= NULL) { to

public function action_edit() { $id = $this->request->param('id', NULL);

to be continued.....

Enigma: 6. MODPATHuserclassesuseradmincontrolleradminuser.php [ 218 ]

    public function action_delete($id=NULL)

public function action_delete()
    $id = $this-&gt;request-&gt;param('id', NULL);

Palkonyves: First of all, some changes I deeded for Kohana v3.2:

-- Fixing errors of 'table .user_identities not found':

in useradmin/classes/useradmin/model/user/identity.php add the following ORM property:

protected $_table_name = "user_identity";

-- Fixing pagination errors for user admin, you have to touch the pagination module in pagination/classes/kohana/pagination.php in line 92: $config_file = Kohana::$config->load('pagination')

Otherwise This is a really good working example of a neatly constructed Kohana module. I would do some decomposition for example in user_admin/edit, but otherwise it is very well structured.

checking out the template files I realized the existence of a Datatable helper, which is something I started to and wanted to implement.

Thanks for this module

Enigma: Kindly follow my updates ... im almost done with porting except facebook twitter and captcha validation ... hopefully it will be done today .. if u are interested in joinin wud be great

otakurzo: SOLUTIONS for Kohana 3.1

[b]1. Routing fail with providers[/b]

classesuseradmincontrolleruser.php Functions:

  • action_provider
  • action_associate
  • action_associate_return
  • action_provider_return

Remove the parameters "$provider_name = NULL" and below put $provider_name = $this->request->param('provider');

[b]2. Facebook: getSession deprecated in PHP SDK 3.x[/b] classesuseradminproviderfacebook.php Change "getSession" to "getUser". Reference:

Palkonyves: I will use this module in a bigger project (obviusly :) and I will need a group management. When I implement it, I'll be glad to merge the improvement.

Enigma: 7. Twitter and Facebook integration are very well inbuilt ... but need little tweaks

Twitter : place ca-bundle.crt in config directory. if you dont know where to find ca-bundle.crt goto download cacert.pem and rename it to ca-bundle.crt

Facebook: classes/useradmin/provider/facebook.php [43]


    public function verify()
    if ($this-&gt;facebook-&gt;getSession())


public function verify()
    $this-&gt;uid = $this-&gt;facebook-&gt;getUser();
    if ($this-&gt;uid)

both facebook and twitter login are not properly bakedup ... they are working as associations . new registrations fails and prompts the user for email and password .... is this behavior expected .... i personally think there could be a better way to handle new registrations using twitter and facebook :)

Enigma: just an amendment for the previous post ... twitter doet provide email and hence we hv no other option to go around it ... but with facebook the issue is with the update in the facebook php sdk ...

"the req_perms parameter has been changed to scope "

Facebook: classes/useradmin/provider/facebook.php [35]

change req_perms to scope

Robert C: Can you please send me a copy?

robert AT dubbel16 DOT nl

samuele: i have problems with config load, the setup is ok but i have this error Undefined index: max_failed_logins .

is like the useradmin config file wasn't read

Daniel Ribeiro: I would like to understand why you didn't use the user_tokens table that comes with Auth module to store the reset password tokens.

Is there any specific reason to create the reset_token field?

Asummption: user_token table is for remember me option ... its auto cleaned ... ie records are deleted after a specific period ... to make the reset password token independant from the remember me token ..

Gerald Yeong: Thank you @Enigma, Just wanted to thank you for your hardwork. Thanks mixu for developing this from the start and also the rest that kept this going.

SpaceDoG: Has anyone fixed the issue with the page not redirecting properly after login?

SpaceDoG: So I've gotten everything working with the exception of facebook logins. It's set to true in the config and I've updated the user.php controller to fix all of the nulls but it still won't work... Just keep getting the "Provider is not enabled; please select another provider or log in normally." error. Any thoughts?

SpaceDoG: I got em all working now.

Dave: I found an issue relating to login when using sub directories.

My Kohana install is in http://URL/subdir/

In /classes/useradmin/controller/user.php [47] $urlPath = ltrim(parse_url($this->request->referrer(),PHP_URL_PATH),'/');

Will return /subdir/controller/action/ which then fails when you try to find the correct controller further down causing an infinite redirection loop.

I replaced it with $urlPath = ltrim(substr($this->request->referrer(), strlen(Url::base(true))),'/');

Which appears to work.


Jan Hohner: Could it be that you didn't copy the two routes in init.php? If you didn't the param is called 'id', if you copied the routes the param is called 'provider'.

Cheers, Jan

trig: hi Dave, how did you get them working... I'm having same issues with facebook login

Sam: Is there any place, on github where we could download a working version of useradmin for kohana 3.2. The one from mixu didnt work for 3.1 or 3.2.


kenyana: Anyone with a solution to ErrorException [ Notice ]: Undefined index: max_failed_logins

Its at MODPATHuserclassesuseradminauthorm.php [ 27 ]

Sven Walter: Is there a 3.2 version out there? i am interested :) could someone send me a copy? big thx!

Matt: There is a 3.2 version of useradmin on github. Here is the url:

Cory: (Caveat: Still noobish to kohana 3.2)

That version doesn't (quite) seem to be updated for 3.2. It was relatively easy to set up, but you will still run into some problems with the actions using arguments instead of request->param( [route parameter] ).

One example is trying to select a provider on the login page. Located in Useradmin_Controller_User::action_provder.

function action_provider($provider_name = null) { ...

Should be

function action_provider() { $provider_name = $this->request->param('provider'); ...

You can find the params in the routes, which are located in modules/useradmin/init.php

songerph: Hi can i ask for help? I managed to make most of the useradmin module to work for Kohana 3.1 except for facebook and twitter login/assoc.

Facebook: When I click either buttons, it sends me to with an Error page stating "An error occurred. Please try again later."

Twitter: It gives an error regarding certificate problem:

Error fetching remote [ status 0 ] SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

Anyone got same issues?


songerph: Update: I managed to get FB login to work by adding ".../user/provider/facebook" in my app's "Website -> Site URL" info page. Seems like without this my FB login does not continue redirecting. (Or should the FB login/associate work without this?)

Twitter: Still with the Certificate error

moisha: Hi Mikito - THXXXX 4 this modul - it's really what I've been looking for.

But there are 2 things that I don't understand:

  1. Is this a problem of kohana auth module, that u can't say that one page is accessible for login and for admin users?
  2. when i click on a provider (ex. FB) he opens the FB-Login-Page in the same window - have u already tried to implement it via new Window, so that the person stays on the main page?


newtophp: I have configured the module to work with Facebook but I am getting the error below:

"We have successfully retrieved some of the data from your other account, but we were unable to get all the required fields. Please complete form below to register an account."

Any ideas?

nessa_uepa: Hi, I am making the changes needed to this module work in Kohana 3.3. I will post it here after i finish.

nessa_uepa: I just migrated the Useradmin module to Kohana 3.3.0.

I documented the changes in my blog: