apex / armor
User and session management
Installs: 850
Dependents: 5
Suggesters: 0
Security: 0
Stars: 3
Watchers: 2
Forks: 0
Open Issues: 0
Type: package
Requires
- php: >=8.1
- ext-redis: *
- apex/container: >=2.0
- apex/db: ^2.1
- apex/mercury: ^2.0
- apex/migrations: ^2.0
- brick/phonenumber: ^0.4
- donatj/phpuseragentparser: ^1.4
- maxmind-db/reader: ^1.11
- nyholm/psr7: ^1.4
- nyholm/psr7-server: ^1.0
- symfony/string: ^6.0
Requires (Dev)
- apex/signer: ^2.0
- phpunit/phpunit: ^9.5
README
Armor is designed to provide a solid foundation for developing a custom user management system. It offers highly configurable base functionality, including collection and management of basic user info (username, password, e-mail, phone, geo-location data, et al), e-mail / phone verification, authenticated sessions, 2FA e-mail / SMS requests, user-segregated AES-256 encryption, and more. It is not meant to be a user management system in and of itself; it is intended to be extended by one. It supports:
- Easy implementation with a single eight-method adapter interface, along with the templates / views.
- Easy storage and management of username, password, e-mail, phone number, and basic registration info (date created, geo-location data, et al).
- Multiple user groups, providing central management of the different groups of users that may exist throughout your back-end application (e.g. admins, customers, developers with API access, support staff, et al).
- Highly configurable with support for multiple policies, each of which consists of 21 different settings allowing for hundreds of different configurations.
- E-mail address and phone verification with built-in support for Vonage / Nexmo for sending SMS messages.
- A single line of code secures any request / code behind two-factor e-mail / SMS authentication.
- A 4096-bit RSA key pair is automatically generated for every user, allowing for segregated, user-based AES-256 encryption, including multi-recipient encryption.
- User device management for both the "remember me" feature and mobile apps / Firebase messages.
- Optional per-user IP based restrictions.
- Historical activity log showing all actions taken against a user's account.
- Full login and session history for each user.
- Fully tested with MySQL, PostgreSQL, and SQLite.
Extensions and Demo
Several extensions are available, providing functionality for different authentication schemes:
- PGP - https://github.com/apexpl/armor-pgp/
- API Keys - https://github.com/apexpl/armor-apikeys/
- x509 Certs - https://github.com/apexpl/armor-x509/
An example implementation using the Syrus template engine can be found at:
- Website - https://armor.demo.apexpl.io/
- GitHub - https://github.com/apexpl/armor-syrus/
Installation
Install via Composer with:
composer require apex/armor
Please see the implementation guide linked below.
Table of Contents
- Implementation Guide
- Armor Class
- User Profiles (create, load, remove users)
- Verifying users
- Login and Auth Sessions
- Two Factor Requests
- AES Encryption
Basic Usage
```php
use Apex\Armor\Armor;

// Create user
$armor = new Armor();
$user = $armor->createUser('', 'password12345', 'jsmith', 'jsmith@domain.com', '14165551234');
$uuid = $user->getUuid();

// Get user by UUID
$user = $armor->getUuid($uuid);

// Update e-mail address
$user->updateEmail('new@domain.com');

// Check if request is authenticated session
if (!$session = $armor->checkAuth()) {
    die("You are not logged in");
}

// Require two factor authentication
$session->requireTwoFactor();

// Code below this line will not be executed until authenticated via e-mail / phone.

// Encrypt data to user's RSA key
$data_id = $session->encryptData('some sensitive data');

// Decrypt data at a later date
$text = $session->decryptData($data_id);
```
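One common way to combine a per-user RSA key pair with AES-256 for several recipients is envelope encryption: the data is encrypted once with a random AES key, and that key is wrapped separately for each recipient. The following is an added example, not Armor's own code; the choice of AES-256-GCM and RSA-OAEP, and every function name in it, are assumptions made for illustration.

```php
<?php
// Added illustration, not Armor's implementation. Assumed: AES-256-GCM for the
// payload, RSA-OAEP for key wrapping; all function names are hypothetical.

function newKeyPair(): array
{
    $key = openssl_pkey_new(['private_key_bits' => 4096, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
    openssl_pkey_export($key, $privatePem);
    return ['private' => $privatePem, 'public' => openssl_pkey_get_details($key)['key']];
}

function encryptForRecipients(string $plaintext, array $publicKeys): array
{
    $dataKey = random_bytes(32);                 // one-time AES-256 key
    $iv = random_bytes(12);                      // 96-bit GCM nonce, never reused with this key
    $ciphertext = openssl_encrypt($plaintext, 'aes-256-gcm', $dataKey, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ciphertext === false) {
        throw new RuntimeException('AES encryption failed');
    }
    $wrapped = [];
    foreach ($publicKeys as $userId => $pem) {   // wrap the same data key once per recipient
        if (!openssl_public_encrypt($dataKey, $wrappedKey, $pem, OPENSSL_PKCS1_OAEP_PADDING)) {
            throw new RuntimeException("Key wrap failed for $userId");
        }
        $wrapped[$userId] = $wrappedKey;
    }
    return ['iv' => $iv, 'tag' => $tag, 'ciphertext' => $ciphertext, 'keys' => $wrapped];
}

function decryptAsRecipient(array $envelope, string $userId, string $privatePem): string
{
    if (!isset($envelope['keys'][$userId])) {
        throw new RuntimeException("$userId is not a recipient");
    }
    if (!openssl_private_decrypt($envelope['keys'][$userId], $dataKey, $privatePem, OPENSSL_PKCS1_OAEP_PADDING)) {
        throw new RuntimeException('Key unwrap failed');
    }
    $plaintext = openssl_decrypt($envelope['ciphertext'], 'aes-256-gcm', $dataKey, OPENSSL_RAW_DATA, $envelope['iv'], $envelope['tag']);
    if ($plaintext === false) {                  // GCM tag check failed: data, IV or tag was altered
        throw new RuntimeException('Authentication tag mismatch');
    }
    return $plaintext;
}

// Constructed sample: two users, each with their own key pair.
$alice = newKeyPair();
$bob = newKeyPair();
$env = encryptForRecipients('some sensitive data', ['alice' => $alice['public'], 'bob' => $bob['public']]);
echo decryptAsRecipient($env, 'bob', $bob['private']), PHP_EOL;
```

Removing a recipient's entry from `keys` does not revoke access to data they have already unwrapped; revocation requires re-encrypting under a fresh data key.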
Support
If you have any questions, issues or feedback, please feel free to drop a note on the ApexPl Reddit sub for a prompt and helpful response.
Follow Apex
Loads of good things are coming in the near future, including new quality open source packages, more advanced articles / tutorials that go over down-to-earth, useful topics, et al. Stay informed by joining the mailing list on our website, or follow along on Twitter at @mdizak1.