jasny / auth
Authentication, authorization and access control for Slim Framework and other PHP micro-frameworks
Installs: 14 742
Dependents: 1
Suggesters: 0
Security: 0
Stars: 111
Watchers: 13
Forks: 35
Open Issues: 1
Requires
- php: >=8.2.0
- improved/iterable: ^0.1.4
- jasny/immutable: ^2.1
- psr/clock: ^1.0
- psr/event-dispatcher: ^1.0
- psr/http-factory: ^1.0
- psr/http-message: ^1.1
- psr/http-server-middleware: ^1.0
- psr/log: ^1.1
Requires (Dev)
- ext-bcmath: *
- hashids/hashids: ^4.1 | ^5.0
- jasny/phpunit-extension: ^0.5.1
- lcobucci/clock: ^3.2
- lcobucci/jwt: ^4.0 | ^5.0
- phpstan/phpstan: ^1.12.0
- phpunit/phpunit: ^11.3
- squizlabs/php_codesniffer: ^3.10
Conflicts
- hashids/hashids: < 4.1
- lcobucci/jwt: < 4.0
- dev-master
- v2.x-dev
- v2.2.1
- v2.2.0
- v2.1.0
- v2.0.1
- v2.0.0
- v2.0.0-beta7
- v2.0.0-beta6
- v2.0.0-beta5
- v2.0.0-beta4
- v2.0.0-beta3
- v2.0.0-beta2
- v2.0.0-beta1
- v1.0.1
- v1.0.0
- v1.0.0-beta9
- v1.0.0-beta8
- v1.0.0-beta7
- v1.0.0-beta6
- v1.0.0-beta5
- v1.0.0-beta4
- v1.0.0-beta3
- v1.0.0-beta2
- v1.0.0-beta1
- dev-user-class
- dev-token_confirmation
- dev-jwt
- dev-hmac
This package is auto-updated.
Last update: 2024-12-03 21:21:26 UTC
README
Jasny Auth
Authentication, authorization and access control for Slim Framework and other PHP micro-frameworks.
Features
- Multiple authorization strategies, like groups (for acl) and levels.
- Authorization context (eg. "is the user an admin of this team?").
- PSR-14 events for login and logout.
- PSR-15 middleware for access control.
- Session invalidation, explicit or implicit (eg. after password change).
- Multi-factor authentication support.
- JWT and Bearer authentication support.
- Confirmation tokens for sign up confirmation and forgot-password.
- PSR-3 logging of interesting events.
- Customizable to meet the requirements of your application.
Installation
Install using composer
composer require jasny/auth
Usage
Auth
is a composition class. It takes an authz, storage, and optionally a confirmation service.
use Jasny\Auth\Auth; use Jasny\Auth\Authz\Levels; $levels = new Levels(['user' => 1, 'moderator' => 10, 'admin' => 100]); $auth = new Auth($levels, new AuthStorage()); session_start(); $auth->initialize(); // Later... if (!$auth->is('admin')) { http_response_code(403); echo "Access denied"; exit(); }
The Auth
service isn't usable until it's initialized. This should be done after the session is started.
session_start(); $auth->initialize();
Documentation
- Home
- Setup
- Authentication
- Authorization
- Sessions
- Middleware (for access control)
- MFA (Multi-factor authentication)
- TOTP (aka Google authenticator)
- Confirmation
- Random token
- Hashids
- Examples
- Logging