Libraries make code reuse possible. You abstract out the functionality for the authentication tasks and then you can load and use those in any of your controllers, methods, models, etc.

UPDATE

Controllers (in CodeIgniter) just respond to a request and the libraries are the workhorses. For example, in the auth library, the controller may have a method called login. This method doesn’t actually log the user in. Instead, it checks to see if there are any $_POST variables available. If the user has yet to enter username/password, then the $_POST array will be empty. The controller will then call a login view that will display the login form to the user. The user will then enter username/password and submit that form back to the login method of the auth controller.

Since there are now $_POST variables, the auth controller will then call the auth library (probably a method like check_auth_credentials and try to log in the user.

Basically, the controllers “control” the request. They determine what to do based on what the request is and what is being sent with the request. Libraries, in contrast, are a set of related methods that manage a set of tasks. The controllers are what the USER interacts with and the libraries are what the CONTROLLERS interact with.