gesmuni/slim-skeleton

Gesmuni starter template with authentication and audit logging ready to use

Maintainers

Package info

gitlab.gitlab.videoatencion.com/gesmuni/php-laravel/laravel-slim-skeleton.git

Type:project

pkg:composer/gesmuni/slim-skeleton

Statistics

Installs: 1

Dependents: 0

Suggesters: 0

Security

Advisories: 0

Aikido package health analysis

1.1.0 2026-03-27 10:15 UTC

Requires

Requires (Dev)

AGPL-3.0-or-later 27d4b16f2d9a902e313f712559df4b5e428f5db2

  • Rafa Couto <rafa.woop@floss.cat>

This package is not auto-updated.

Last update: 2026-05-08 11:21:59 UTC

README

A starter template for building Gesmuni applications with Laravel. Includes authentication (gesmuni/laravel-auth-local) and audit logging (gesmuni/laravel-audit-db) ready to use out of the box.

Demo Dashboard

Quick Start

Using Composer Create-Project

composer create-project gesmuni/slim-skeleton my-app
cd my-app
php artisan serve

The create-project command will automatically:

  1. Install dependencies
  2. Create .env from .env.example
  3. Generate application key
  4. Create SQLite database
  5. Run migrations (auth + audit tables)
  6. Seed the auth system and a demo user

Using Docker Compose

docker compose up -d

The container will automatically install dependencies, configure the database, run migrations, and seed the demo user.

To view logs:

docker compose logs -f

To stop:

docker compose down

Using the Setup Script

git clone <repository-url> my-app
cd my-app
bash setup.sh
php artisan serve

Access the Application

Visit http://localhost:8000 and log in with:

  • Email: demo@example.com
  • Password: password

What's Included

Authentication (gesmuni/laravel-auth-local)

  • Session-based login/logout
  • Middleware-protected routes
  • User, role, and permission management via AuthQuery/AuthAdmin services

Audit Logging (gesmuni/laravel-audit-db)

  • Automatic audit events on login (success/failure) and logout
  • Database-backed audit event store with integrity verification
  • Artisan commands for verification and purging:
# Verify integrity of recent events
php artisan gesmuni:audit:verify

# Verify a specific date range
php artisan gesmuni:audit:verify --from=2026-01-01 --to=2026-01-31

# Purge expired events (based on retention policy)
php artisan gesmuni:audit:purge

Dashboard

The default dashboard shows:

  • Authenticated user information (name, email, status)
  • Assigned roles and permissions
  • Recent audit events with 5W details (Who, What, When, Where, Why)

Project Structure

├── app/Http/Controllers/
│   ├── AuthController.php          # Login/logout with audit events
│   └── DashboardController.php     # User info + audit log dashboard
├── app/Http/Middleware/
│   └── Authenticate.php            # Session-based authentication
├── config/
│   ├── app.php                     # Service providers (auth + audit)
│   ├── audit.php                   # Audit retention configuration
│   └── ...                         # Standard Laravel configs
├── database/seeders/
│   └── DemoUserSeeder.php          # Creates demo@example.com user
├── resources/views/
│   ├── layout.blade.php            # Base layout
│   ├── login.blade.php             # Login form
│   └── dashboard.blade.php         # Dashboard with auth + audit info
├── routes/
│   └── web.php                     # Auth and dashboard routes
├── setup.sh                        # Alternative setup script
└── composer.json                   # Dependencies and post-create scripts

Configuration

Audit Retention

Edit config/audit.php to change the retention period:

return [
    'retention_days' => 365, // default: 1 year
];

Database

The skeleton defaults to SQLite. To use MySQL or PostgreSQL, update .env:

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=my_app
DB_USERNAME=root
DB_PASSWORD=

Then run migrations:

php artisan migrate --force

Adding Audit Events

To emit audit events from your application code:

use Gesmuni\Audit\Contracts\AuditEventSink;
use Gesmuni\Audit\Entities\AuditEvent;
use Gesmuni\Audit\ValueObjects\Action;
use Gesmuni\Audit\ValueObjects\Actor;
use Gesmuni\Audit\ValueObjects\Source;
use Ramsey\Uuid\Uuid;

class MyController
{
    public function __construct(
        private readonly AuditEventSink $auditSink,
    ) {}

    public function doSomething(Request $request)
    {
        // ... your logic ...

        $event = new AuditEvent(
            id: Uuid::uuid4()->toString(),
            actor: new Actor($userId, 'HUMAN', $userName),
            action: new Action('create', 'order', $orderId, 'SUCCESS'),
            occurredAt: new \DateTimeImmutable('now', new \DateTimeZone('UTC')),
            source: new Source('web-app', $request->ip()),
        );

        $this->auditSink->receive($event);
    }
}

License

AGPL-3.0-or-later