indigophp/guardian

This package is abandoned and no longer maintained. The author suggests using the guardianphp/guardian package instead.

Simple and flexible authentication framework

dev-master / 0.1.x-dev 2015-04-20 18:42 UTC

This package is not auto-updated.

Last update: 2019-02-20 18:26:57 UTC


README

Latest Version Software License Build Status Code Coverage Quality Score HHVM Status Total Downloads

Simple and flexible authentication framework.

Install

Via Composer

$ composer require indigophp/guardian

Usage

This library provides an easy way to authenticate any entity with OR without persisting and calling it "login".

A simple login example:

use Indigo\Guardian\Identifier\InMemory;
use Indigo\Guardian\Authenticator\UserPassword;
use Indigo\Guardian\Hasher\Plaintext;
use Indigo\Guardian\SessionAuth;
use Indigo\Guardian\Session\Native;

$identifier = new InMemory([
    1 => [
        'username' => 'john.doe',
        'password' => 'secret',
        'name'     => 'John Doe',
    ],
]);

$authenticator = new UserPassword(new Plaintext);
$session = new Native;

$auth = new SessionAuth($identifier, $authenticator, $session);

// returns true to indicate success
$auth->login([
    'username' => 'john.doe',
    'password' => 'secret',
]);

Later, when login succeeds, check for the current login:

// returns true/false
$auth->check();

// returns the current caller
$caller = $auth->getCurrentCaller();

And logout at the end:

// returns true/false
$auth->logout();

API Authentication

Since Guardian is an authentication library, you can easily use it to authenticate API requests without persistence. To achieve this, see the following simple authentication service:

use Indigo\Guardian\Identifier\InMemory;
use Indigo\Guardian\Authenticator\UserPassword;
use Indigo\Guardian\Hasher\Plaintext;
use Indigo\Guardian\RequestAuth;

$identifier = new InMemory([
    1 => [
        'username' => 'john.doe',
        'password' => 'secret',
        'name'     => 'John Doe',
    ],
]);

$authenticator = new UserPassword(new Plaintext);

$auth = new RequestAuth($identifier, $authenticator);

$subject = [
    'username' => 'john.doe',
    'password' => 'secret',
];

// returns true to indicate success
$auth->authenticate($subject);

// returns the caller object if identify succeeds
$caller = $auth->authenticateAndReturn($subject);

Testing

$ phpspec run

Contributing

Please see CONTRIBUTING for details.

Credits

License

The MIT License (MIT). Please see License File for more information.