vectorface / auth
Simple Authentication framework
Installs: 10 081
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 10
Forks: 4
Open Issues: 0
Requires
- php: >=8.0
- psr/log: ^1.0 || ^2.0 || ^3.0
Requires (Dev)
- monolog/monolog: ^2.0
- phpunit/phpunit: ^9.5.10
- squizlabs/php_codesniffer: ^3.0
This package is auto-updated.
Last update: 2024-11-05 19:12:30 UTC
README
This is a simple authentication framework. It is intended to be used with a variety of interchangeable plugins which can perform authentication, handle sessions, and even authorization. Implementation of these are an exercise left up to others.
use Vectorface\Auth\Auth; use Vectorface\Auth\Plugin\SuccessPlugin; $auth = new Auth(); $auth->addPlugin(new SuccessPlugin()); if ($auth->login($_SERVER['PHP_AUTH_USER'] $_SERVER['PHP_AUTH_PW'])) { // Do super-secret ultra-dangerous things... SuccessPlugin allows everyone! }
Something more useful
To do anything real with this, you need to implement your own authentication plugin. Maybe sprinkle in some other useful things like Authorization.
use Vectorface\Auth\Auth; use Vectorface\Auth\Plugin\BaseAuthPlugin; class MyAuthPlugin extends BaseAuthPlugin { /** * An array of user data. Pretend this is a database. */ private $users = [ 'root' => ['pass' => 'r00t', 'access' => '*'], 'jdoe' => ['pass' => 'jdoe', 'access' => ''] ]; /** * Keep track of the currently logged in user. * * @var string */ private user; /** * Compare credentials against our user "database". */ public function login($username, $password) { if (!isset($this->users[$username])) { return Auth::RESULT_FAILURE; } if ($this->users[$username]['pass'] !== $password) { return Auth::RESULT_FAILURE; } $this->user = $username; return Auth::RESULT_SUCCESS; } /** * A *new* method. This will be exposed via the Auth object. */ public function hasAccess($resource) { if (isset($this->user)) { return $this->users[$this->user]['access'] === '*'; } return false; } } $auth = new Auth(); $auth->addPlugin(new MyAuthPlugin()); if ($auth->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { // You're in! if ($auth->hasAccess('some resource')) { // You're *really* in! } }