seablast/auth

No-password authentication and authorisation library for Seablast for PHP

Maintainers

Details

github.com/WorkOfStan/seablast-auth

Source

Issues

Installs: 302

Dependents: 0

Suggesters: 1

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

v0.1.2 2024-12-20 18:07 UTC

Requires

Requires (Dev)

MIT 94f19b8437c74499d60e7c5352cc6f5c830aff55

  • Stanislav Rejthar <rejthar.woop@stanislavrejthar.com>

This package is auto-updated.

Last update: 2024-12-20 18:07:56 UTC

README

A no-password authentication and authorization extension for Seablast for PHP apps. This extension facilitates secure user verification and efficient access control.

Optionally, Seablast\Auth integrates with the HybridAuth library (actually it's not maintained so other venues must be explored) to support social authentication, allowing seamless sign-in through various social media platforms. Integrable via Composer, it activates only when required, equipping your app with essential security features effortlessly. If your Seablast-based application necessitates user authentication or resource authorization, incorporating Seablast\Auth will equip it with these capabilities instantly. (For applications that do not require these features, Seablast\Auth can simple be not included to maintain a lighter application footprint.)

User management

  • user MUST have one role (admin, content manager, ordinary user)
  • user MAY belong to various groups (based on subscription tariff, a promotion, etc.)

Usage

When just getting the identity of a logged-in user is needed:

    // Instantiate the IdentityManager class with `\mysqli`
    $identity = new IdentityManager($this->configuration->dbms());
    // If prefix is used, inject it
    $identity->setTablePrefix($this->configuration->dbmsTablePrefix());

To create the expected database table structure, just add the seablast/auth migration path to the phinx.php configuration, e.g.

    'paths' => [
        'migrations' => [
            '%%PHINX_CONFIG_DIR%%/db/migrations',
            '%%PHINX_CONFIG_DIR%%/../vendor/seablast/auth/conf/db/migrations',
        ],
        'seeds' => '%%PHINX_CONFIG_DIR%%/db/seeds'
    ],

Routing

/user is the default route to the user log-in/log-out page, so configure it within your conf/app.conf.php like this:

        //->setString(AuthConstant::USER_ROUTE, '/user') // can be changed
        ->setArrayArrayString(
            SeablastConstant::APP_MAPPING,
            '/user',
            [
                'template' => 'user', // your latte template including login-form.latte
                'model' => '\Seablast\Auth\UserModel',
            ]
        )

Note: already Seablast::v0.2.5 is using the default settings in the conf/app.conf.php.

View

\Seablast\Auth\UserModel returns arguments ($configuration, $csrfToken, $message, $showLogin, $showLogout) for the user.latte template:

{include '../vendor/seablast/auth/views/login-form.latte'}

Testing

Run ./test.sh for essential PHPUnit tests:

  • create token and use it,
  • check its disapperance as it's valid only once,
  • invalid emails is not accepted,
  • SQL injection attempts is not accepted.