byjg / authuser
A simple and customizable class for enable user authentication inside your application. It is available on XML files and Relational Databases.
Fund package maintenance!
byjg
Installs: 5 206
Dependents: 3
Suggesters: 0
Security: 0
Stars: 3
Watchers: 3
Forks: 0
Open Issues: 1
Requires
- php: >=8.1 <8.4
- byjg/cache-engine: ^5.0
- byjg/jwt-wrapper: ^5.0
- byjg/micro-orm: ^5.0
Requires (Dev)
- phpunit/phpunit: ^9.6
- vimeo/psalm: ^5.9
README
A simple and customizable class for enable user authentication inside your application. It is available on XML files, Relational Databases.
The main purpose is just to handle all complexity of validate a user, add properties and create access token abstracting the database layer. This class can persist into session (or file, memcache, etc) the user data between requests.
Creating a Users handling class
Using the FileSystem (XML) as the user storage:
<?php $users = new UsersAnyDataset('/tmp/pass.anydata.xml');
Using the Database as the user storage:
<?php $users = new ByJG\Authenticate\UsersDBDataset( 'connection', // The connection string. Please refer to the project byjg/anydataset new UserDefinition(), // The field metadata for store the users new UserPropertiesDefinition() // The field metadata for store the extra properties );
Note: See the Anydataset project to see the database available and the connection strings as well.
Check if user was previously authenticated
<?php $sessionContext = new \ByJG\Authenticate\SessionContext(\ByJG\Cache\Factory::createSessionPool()); // Check if the user is authenticated if ($sessionContext->isAuthenticated()) { // Get the userId of the authenticated users $userId = $sessionContext->userInfo(); // Get the user and your name $user = $users->getById($userId); echo "Hello: " . $user->getName(); }
Saving extra info into the user session
You can save data in the session data exists only during the user is logged in. Once the user logged off the data stored with the user session will be released.
Store the data for the current user session:
<?php $sessionContext = new \ByJG\Authenticate\SessionContext(\ByJG\Cache\Factory::createSessionPool()); $sessionContext->setSessionData('key', 'value');
Getting the data from the current user session:
<?php $sessionContext = new \ByJG\Authenticate\SessionContext(\ByJG\Cache\Factory::createSessionPool()); $value = $sessionContext->getSessionData('key');
Note: If the user is not logged an error will be throw
Adding a custom property to the users
<?php $user = $users->getById($userId); $user->setField('somefield', 'somevalue'); $users->save();
Logout from a session
<?php $sessionContext->registerLogout();
Important note about SessionContext
SessionContext
object will store the info about the current context.
As SessionContext uses CachePool interface defined in PSR-6 you can set any storage
to save your session context.
In our examples we are using a regular PHP Session for store the user context
(Factory::createSessionPool()
). But if you are using another store like MemCached
you have to define a UNIQUE prefix for that session. Note if TWO users have the same
prefix you probably have an unexpected result for the SessionContext.
Example for memcached:
<?php $sessionContext = new \ByJG\Authenticate\SessionContext(\ByJG\Cache\Factory::createMemcachedPool(), 'UNIQUEPREFIX');
If you do not know to create/manage that unique prefix prefer to use the regular Session object.
Architecture
┌───────────────────┐
│ SessionContext │
└───────────────────┘
│
┌────────────────────────┐ ┌────────────────────────┐
│ UserDefinition │─ ─ ┐ │ ─ ─ ┤ UserModel │
└────────────────────────┘ ┌───────────────────┐ │ └────────────────────────┘
┌────────────────────────┐ └────│ UsersInterface │────┐ ┌────────────────────────┐
│ UserPropertyDefinition │─ ─ ┘ └───────────────────┘ ─ ─ ┤ UserPropertyModel │
└────────────────────────┘ ▲ └────────────────────────┘
│
┌────────────────────────┼─────────────────────────┐
│ │ │
│ │ │
│ │ │
┌───────────────────┐ ┌───────────────────┐ ┌────────────────────┐
│ UsersAnyDataset │ │ UsersDBDataset │ │ xxxxxxxxxxxxxxxxxx │
└───────────────────┘ └───────────────────┘ └────────────────────┘
- UserInterface contain the basic interface for the concrete implementation
- UsersDBDataset is a concrete implementation to retrieve/save user in a Database
- UserAnyDataset is a concrete implementation to retrieve/save user in a Xml file
- UserModel is the basic model get/set for the user
- UserPropertyModel is the basic model get/set for extra user property
- UserDefinition will map the model to the database
Database
The default structure adopted for store the user data in the database through the UsersDBDataset class is the follow:
create table users ( userid integer AUTO_INCREMENT not null, name varchar(50), email varchar(120), username varchar(15) not null, password char(40) not null, created datetime, admin enum('Y','N'), constraint pk_users primary key (userid) ) ENGINE=InnoDB; create table users_property ( customid integer AUTO_INCREMENT not null, name varchar(20), value varchar(100), userid integer not null, constraint pk_custom primary key (customid), constraint fk_custom_user foreign key (userid) references users (userid) ) ENGINE=InnoDB;
Using the database structure above you can create the UsersDBDatase as follow:
<?php $users = new ByJG\Authenticate\UsersDBDataset( 'connection', new \ByJG\Authenticate\Definition\UserDefinition(), new \ByJG\Authenticate\Definition\UserPropertiesDefinition() );
Custom Database
If you have an existing database with different names but containing all fields above you can use the UserDefinition and UserPropertiesDefinition classes for customize this info.
<?php $userDefinition = new \ByJG\Authenticate\Definition\UserDefinition( 'users', // $table \ByJG\Authenticate\Model\UserModel::class, // Model class \ByJG\Authenticate\Definition\UserDefinition::LOGIN_IS_EMAIL, [ UserDefinition::FIELD_USERID => 'fieldname of userid', UserDefinition::FIELD_NAME => 'fieldname of name', UserDefinition::FIELD_EMAIL => 'fieldname of email', UserDefinition::FIELD_USERNAME => 'fieldname of username', UserDefinition::FIELD_PASSWORD => 'fieldname of password', UserDefinition::FIELD_CREATED => 'fieldname of created', UserDefinition::FIELD_ADMIN => 'fieldname of admin' ] );
Adding custom modifiers for read and update
<?php $userDefinition = new \ByJG\Authenticate\Definition\UserDefinition( 'users', // $table \ByJG\Authenticate\Model\User::class, \ByJG\Authenticate\Definition\UserDefinition::LOGIN_IS_EMAIL ); // Defines a custom function to be applied BEFORE update/insert the field UserDefinition::FIELD_PASSWORD // $value --> the current value to be updated // $instance -> The array with all other fields; $userDefinition->defineClosureForUpdate(UserDefinition::FIELD_PASSWORD, function ($value, $instance) { return strtoupper(sha1($value)); }); // Defines a custom function to be applied After the field UserDefinition::FIELD_CREATED is read but before // the user get the result // $value --> the current value retrieved from database // $instance -> The array with all other fields; $userDefinition->defineClosureForSelect(UserDefinition::FIELD_CREATED, function ($value, $instance) { return date('Y', $value); }); // If you want make the field READONLY just do it: $userDefinition->markPropertyAsReadOnly(UserDefinition::FIELD_CREATED);
Extending UserModel
It is possible extending the UserModel table, since you create a new class extending from UserModel to add the new fields.
For example, imagine your table has one field called "otherfield".
You'll have to extend like this:
<?php /** * This class is your model * This need to support the basic field plus your new fields * already set in your definition class */ class MyUserModel extends UserModel { protected $otherfield; public function __construct($name = "", $email = "", $username = "", $password = "", $admin = "no", $field = "") { parent::__construct($name, $email, $username, $password, $admin); $this->setOtherfield($field); } public function getOtherfield() { return $this->otherfield; } public function setOtherfield($otherfield) { $this->otherfield = $otherfield; } }
After that you can use your new definition:
<?php $users = new ByJG\Authenticate\UsersDBDataset( 'connection', new \ByJG\Authenticate\Definition\UserDefinition( 'tablename', MyUserModel::class, UserDefinition::LOGIN_IS_EMAIL ), new \ByJG\Authenticate\Definition\UserPropertiesDefinition() );
Install
Just type:
composer require "byjg/authuser"
Running Tests
Because this project uses PHP Session you need to run the unit test the following manner:
./vendor/bin/phpunit --stderr