If you need to secure every method of a Codeigniter controller, you can do it with one line instead of checking the session in every method before doing anything else. In the constructor of the controller simply check that $this->router->fetch_method is not equal to your login method and that a user isn’t logged in. If you meet both of these criteria, redirect to the login method.