Simple Authentication framework

v0.1.0 2015-01-24 02:32 UTC

README

Build Status Code Coverage Latest Stable Version License: MIT

This is a simple authentication framework. It is intended to be used with a variety of interchangeable plugins which can perform authentication, handle sessions, and even authorization. Implementation of these are an exercise left up to others.

use Vectorface\Auth\Auth;
use Vectorface\Auth\Plugin\SuccessPlugin;

$auth = new Auth();
$auth->addPlugin(new SuccessPlugin());

if ($auth->login($_SERVER['PHP_AUTH_USER'] $_SERVER['PHP_AUTH_PW'])) {
	// Do super-secret ultra-dangerous things... SuccessPlugin allows everyone!
}

Something more useful

To do anything real with this, you need to implement your own authentication plugin. Maybe sprinkle in some other useful things like Authorization.

use Vectorface\Auth\Auth;
use Vectorface\Auth\Plugin\BaseAuthPlugin;

class MyAuthPlugin extends BaseAuthPlugin
{
	/**
	 * An array of user data. Pretend this is a database.
	 */
	private $users = [
		'root' => ['pass' => 'r00t', 'access' => '*'],
		'jdoe' => ['pass' => 'jdoe', 'access' => '']
	];

	/**
	 * Keep track of the currently logged in user.
	 *
	 * @var string
	 */
	private user;

	/**
	 * Compare credentials against our user "database".
	 */
	public function login($username, $password)
	{
		if (!isset($this->users[$username])) {
			return Auth::RESULT_FAILURE;
		}

		if ($this->users[$username]['pass'] !== $password) {
			return Auth::RESULT_FAILURE;
		}

		$this->user = $username;

		return Auth::RESULT_SUCCESS;
	}

	/**
	 * A *new* method. This will be exposed via the Auth object.
	 */
	public function hasAccess($resource)
	{
		if (isset($this->user)) {
			return $this->users[$this->user]['access'] === '*';
		}
		return false;
	}
}

$auth = new Auth();
$auth->addPlugin(new MyAuthPlugin());

if ($auth->login($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
	// You're in!
	if ($auth->hasAccess('some resource')) {
		// You're *really* in!
	}
}