jandreasn/lockout-authentication

This package is abandoned and no longer maintained. The author suggests using the andreasnij/lockout-authentication package instead.

Simple authenticator with lockout.

2.0 2022-01-18 23:09 UTC

This package is auto-updated.

Last update: 2023-03-02 21:44:00 UTC


README

This simple PHP authenticator uses PHP's built-in password hashing and verification functions to authenticate user objects that implement the provided interface. Its lockout mechanism prevents users from logging in for a few seconds after multiple failed login attempts, which makes brute-force attacks less effective.

Installation

Add the package as a requirement to your composer.json:

$ composer require andreasnij/lockout-authenticator

Usage

use LockoutAuthentication\Authenticator;

// $user is your user object implementing the interface provided by the package.
$authenticator = new Authenticator();
if ($authenticator->authenticate($user, $_POST['password'])) {
    // Place code to log in the user here
    echo 'You are now logged in!';
} elseif ($authenticator->isLoginBlocked()) {
    echo 'Your account has temporarily been locked due to multiple '
        . 'failed login attempts. Try again later.';
} else {
    echo 'The username or password is incorrect!';
}

// Place code to save the $user object to persistent storage here
// (this point is reached after every attempt, not only successful ones)
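
The lockout behaviour the README describes, sketched as an added example that is not the package's own code. `SketchUser`, `attemptLogin`, the threshold of 3 failures and the 10-second window are assumptions chosen for illustration, and the clock values are constructed.

```php
<?php
declare(strict_types=1);

// Added sketch, not the package's source. Both limits are assumed values.
const MAX_FAILED_ATTEMPTS = 3;  // assumption for "multiple" failed logins
const LOCKOUT_SECONDS = 10;     // assumption for "a few seconds"

final class SketchUser
{
    public string $passwordHash;
    public int $failedAttempts = 0;
    public ?int $blockedUntil = null;  // Unix timestamp, null when not blocked

    public function __construct(string $passwordHash)
    {
        $this->passwordHash = $passwordHash;
    }
}

function attemptLogin(SketchUser $user, string $password, int $now): string
{
    // While the window is open, refuse before verifying, so even a correct guess learns nothing.
    if ($user->blockedUntil !== null && $now < $user->blockedUntil) {
        return 'blocked';
    }
    if (password_verify($password, $user->passwordHash)) {
        $user->failedAttempts = 0;
        $user->blockedUntil = null;
        if (password_needs_rehash($user->passwordHash, PASSWORD_DEFAULT)) {
            $user->passwordHash = password_hash($password, PASSWORD_DEFAULT);
        }
        return 'ok';
    }
    // The counter is only cleared by a success, so each further failure re-locks at once.
    $user->failedAttempts++;
    if ($user->failedAttempts >= MAX_FAILED_ATTEMPTS) {
        $user->blockedUntil = $now + LOCKOUT_SECONDS;
    }
    return 'failed';
}

// Constructed demo: three wrong guesses, a correct one inside the window, one after it.
$user = new SketchUser(password_hash('correct horse', PASSWORD_DEFAULT));
$now = 1000;  // constructed clock, advanced one second per attempt
foreach (['a', 'b', 'c', 'correct horse'] as $guess) {
    echo attemptLogin($user, $guess, $now++), PHP_EOL;
}
echo attemptLogin($user, 'correct horse', $now + LOCKOUT_SECONDS), PHP_EOL;
```

In a real application the user object has to be written back to storage after each call, otherwise the counter and the block timestamp are lost between requests.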

Requirements

  • Lockout Authenticator requires PHP 7.4 or above.

Author

Andreas Nilsson http://github.com/andreasnij

License

Lockout Authenticator is licensed under the MIT License - see the LICENSE file for details.