paneric / authentication
Requires
- ext-json: *
- ext-pdo: *
- paneric/csr-triad: ^3.0
- paneric/data-object: ^1.0
- paneric/data-values: ^1.0
- paneric/dbal: ^1.0
- paneric/dto: ^2.0
- paneric/guard: ^1.0
- paneric/interfaces-hydrator: ^2.0
- paneric/interfaces-session: ^1.1
- paneric/interfaces-validator: ^1.0
- paneric/mailer-factory: ^1.0
- phpmailer/phpmailer: ^6.1
- psr/http-message: ^1.0
- psr/http-server-middleware: ^1.0
Requires (Dev)
- paneric/session-wrapper: ^1.0
- paneric/twig-builder: ^1.0
- phpspec/phpspec: ^6.0
- roave/security-advisories: dev-master
- dev-master
- v3.0.3
- v3.0.2
- v3.0.1
- v3.0.0
- v2.0.4
- v2.0.3.x-dev
- v2.0.3
- v2.0.2
- v2.0.1
- v2.0.0
- v1.1.19
- v1.1.18
- v1.1.17
- v1.1.16
- v1.1.15
- v1.1.14
- v1.1.13
- v1.1.12
- v1.1.11
- v1.1.10
- v1.1.9
- v1.1.8
- v1.1.7
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1.0
- v1.0.19
- v1.0.18
- v1.0.17
- v1.0.16
- v1.0.15
- v1.0.14
- v1.0.13
- v1.0.12
- v1.0.11
- v1.0.10
- v1.0.9
- v1.0.8
- v1.0.7
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- dev-dev
- dev-feature/dbal_integration
- dev-readme/initial
- dev-feature/recaptcha
This package is auto-updated.
Last update: 2024-04-11 04:05:52 UTC
README
Authentication package. Very straightforward, but things become interesting when you take the whole "menu".
In the simplest approach, the package consists of three services depending on three interfaces, requiring slight support of phpmailer and simple configuration.
For a little bit more detailed integration, take a look at delivered within the package supplements like middleware, controller, routes, translation file example, Twig templates forms with csrf protection and recaptcha implementation ...
Required
- PHP 7.1+
File structure
- authentication
- sql
- credentials.sql (sql script for credentials table creation)
- src
- ORM (optional - ORM Doctrine support classes)
- Credential.php
- CredentialRepository.php
- ORMRepository.php
- PDO (optional - PDO Paneric support classes)
- CredentialRepository.php
- PDORepository.php
- Service
- AuthenticationService.php
- CredentialService.php
- MailerService.php
- templates (optional - set of propositions for Twig form templates)
- ...
- AuthenticationController.php (optional)
- AuthenticationMiddleware.php (optional)
- ClientController.php (optional - base controller)
- CredentialDTO.php
- CredentialRepositoryInterface.php
- RecaptchaV3Middleware.php (optional - captcha validator for reCaptcha v3 integration)
- ORM (optional - ORM Doctrine support classes)
- ... (few useful configuration examples and some other staff)
- sql
composer
composer require paneric/authentication
1. Integration
1.1 Basic integration interfaces:
In this case, first, you need to prepare yourself three adapters of your favorites tools related to database layer, session and security, implementing the following interfaces:
- CredentialRepositoryInterface.php (delivered with the package)
- SessionInterface.php
- GuardInterface.php
In relation to the first one, ORM Doctrine and PDO Paneric adapters examples are delivered by default if you managed to check the file structure with a bit of attention. To serve them, use your favorites solutions or consider:
For the rest you can alternatively give a try for Paneric packages:
1.2 Basic integration configuration: (PHP-DI example)
CredentialService.php
return [
'credential_service_config' => [
'role_id' => 3,
'csrf_hash_field_name' => 'csrf_hash',
],
];
- role_id: this is an integer value of your base user role identity, required by implemented authorization solution in your project.
- csrf_hash_field_name: this is a name of your forms csrf hash field.
MailerService.php
return [
'mailer_service_config' => [
'random_string_length' => 128,
'activation_url' => 'http://127.0.0.1:8080/authe',
'activation_time_delay' => 24,
'reset_url' => 'http://127.0.0.1:8080/authe',
'reset_time_delay' => 24,
'mail_content' => [
'activation_email_subject' => [
'en' => 'Account activation automatic message.',
'...' => '',
],
'activation_email_message' => [
'en' => 'Please click the following link within %sh to activate your account: %s/%s/%s/activate .',
'...' => '',
],
'reset_email_subject' => [
'en' => 'Password reset automatic message.',
'...' => '',
],
'reset_email_message' => [
'en' => 'Please click the following link within %sh to reset your account password: %s/%s/%s/reset .',
'...' => '',
],
],
],
];
1.2 Basic integration instantiation: (PHP-DI example)
return [
MailerService::class => function (Container $container): MailerService {
return new MailerService(
$container->get(SessionInterface::class),
$container->get(GuardInterface::class),
$container->get('php_mailer'),
$container->get('mailer_service_config'),
(string) $container->get('local')
);
},
CredentialService::class => function (Container $container): CredentialService {
return new CredentialService(
$container->get(CredentialRepositoryInterface::class),
$container->get(SessionInterface::class),
$container->get(GuardInterface::class),
$container->get('credential_service_config')
);
},
AuthenticationService::class => function (Container $container): AuthenticationService {
return new AuthenticationService(
$container->get(MailerService::class),
$container->get(CredentialService::class),
$container->get(GuardInterface::class),
$container->get(SessionInterface::class)
);
},
];
Final notice.
Now the only thing that needs to be done is inserting the AuthenticationService into your controller. As the example approach or even final integration take a look as mentioned before at AuthenticationController, routes and form templates that present csrf, recaptcha, translation, flash and validation messages integration.
Last but not least.
CredentialService requires validation information inserted into request as follows:
$validation = $request->getAttribute('validation');
$validation = [
CredentialDTO::class => [
'ref' => [
'ref error message 1',
'...'
],
'password_hash' => [
'password_hash error message 1',
'...'
],
],
];
// or empty if there is no validation errors detected:
$validation = [
CredentialDTO::class => [],
];