namboy94/welwitschi-auth

Authentication Library for PHP 7.1+

Maintainers

Details

github.com/namboy94/welwitschi-auth

Homepage

Source

Issues

Installs: 227

Dependents: 1

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

1.2.4 2018-06-05 22:08 UTC

Requires

  • php: >=7.1.0
  • ext-mysqli: *

Requires (Dev)

GPL-3.0-or-later 363462132c8ce6a9c2615eb524539f61ae9eade4

Authenticationauth

This package is not auto-updated.

Last update: 2024-04-19 21:50:47 UTC

README

master develop
build status build status

Logo

Welwitschi-Auth is an authentication library for use in websites written in PHP. It offers an object-oriented abstraction over rows stored in a MySQL/MariaDB database.

Accounts created by this library all receive a unique ID in the database. Usernames and email addresses are also unique, it is not possible to have duplicate entries.

Upon creation of an account, the account will need to be confirmed before being able to log in or generate API keys.

A user is able to log in with exactly one device at a time, as well as have one active API token.

Security

Passwords, API Tokens and Login Tokens are all stored salted and hashed using the builtin password_hash() function. The algorithm used to hash the password is PASSWORD_BCRYPT.

All SQL Statements with variable values are properly escaped to avoid SQL injection.

Usernames and Email addresses are sanitized using html htmlspecialchars to avoid Cross-Site-Scripting attacks (XSS).

Installation

You can use welwitschi-auth by adding the requirement

"namboy94/welwitschi-auth": "dev-master"

to your composer.json file an then running composer install. You can then find the classes in vendor/namboy94/welwitschi-auth/src. Thanks to autoloader, you should be able to easily access the classes from cheetah-bets.

Documentation

All classes and methods are documented using DocBlock comments. Additional Documentation can be found in doc.

Further Information