seablast/auth

No-password authentication and authorisation library for Seablast for PHP

Maintainers

Details

github.com/WorkOfStan/seablast-auth

Source

Issues

Installs: 182

Dependents: 0

Suggesters: 1

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v0.1.1 2024-06-03 09:04 UTC

Requires

Requires (Dev)

MIT e77a0f6f6d514716d035af05dd57bd115f1b4085

  • Stanislav Rejthar <rejthar.woop@stanislavrejthar.com>

This package is auto-updated.

Last update: 2024-11-10 10:15:17 UTC

README

A no-password authentication and authorization extension for Seablast for PHP apps. This extension facilitates secure user verification and efficient access control.

Optionally, Seablast\Auth integrates with the HybridAuth library to support social authentication, allowing seamless sign-in through various social media platforms. Integrable via Composer, it activates only when required, equipping your app with essential security features effortlessly. If your Seablast-based application necessitates user authentication or resource authorization, incorporating Seablast\Auth will equip it with these capabilities instantly. (For applications that do not require these features, Seablast\Auth can simple be not included to maintain a lighter application footprint.)

Usage

When just getting the identity of a logged-in user is needed:

    // Instantiate the IdentityManager class with `\mysqli`
    $identity = new IdentityManager($this->configuration->dbms());
    // If prefix is used, inject it
    $identity->setTablePrefix($this->configuration->dbmsTablePrefix());

To create the expected database table structure, just add the seablast/auth migration path to the phinx.php configuration, e.g.

    'paths' => [
        'migrations' => [
            '%%PHINX_CONFIG_DIR%%/db/migrations',
            '%%PHINX_CONFIG_DIR%%/../vendor/seablast/auth/conf/db/migrations',
        ],
        'seeds' => '%%PHINX_CONFIG_DIR%%/db/seeds'
    ],

Routing

/user is expected, so configure it within your conf/app.conf.php like this:

        ->setArrayArrayString(
            SeablastConstant::APP_MAPPING,
            '/user',
            [
                'template' => 'user', // your latte template including login-form.latter
                'model' => '\Seablast\Auth\UserModel',
            ]
        )

View

\Seablast\Auth\UserModel returns arguments ($configuration, $csrfToken, $message, $showLogin, $showLogout) for the user.latte template:

{include '../vendor/seablast/auth/views/login-form.latte'}

Testing

Run ./test.sh for essential PHPUnit tests:

  • create token and use it,
  • check its disapperance as it's valid only once,
  • invalid emails is not accepted,
  • SQL injection attempts is not accepted.

User management

  • user MUST have one role (admin, content manager, ordinary user)
  • user MAY belong to various groups (based on subscription tariff, a promotion, etc.)