wbc/auth-redux

A drop in modern replacement for most existing PEAR Auth configurations.

Maintainers

Details

gitlab.com/philo23/auth-redux

Source

Issues

Installs: 41

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Forks: 0

v0.9.6 2018-07-16 11:32 UTC

Requires

  • php: ^5.3.3 || ^7.0

Requires (Dev)

MIT e5a8ed78e3b0c80ce55807821989203e51a3a5ce

  • Philip Pryce <philip.pryce.woop@me.com>

PEARauthreplacement

This package is auto-updated.

Last update: 2024-09-17 00:46:26 UTC

README

A modern drop in replacement for PEAR/Auth that covers most of the original public API. But can also be used separately for any simple authentication needs.

Example usage

// Optionally globally define the legacy PEAR\Auth constants
// like AUTH_WRONG_LOGIN if they're used in your code.
WBC\Auth\LegacyPEARAuth::defineLegacyConstants();

$redux = new WBC\Auth\Redux(
    // Choose a storage that looks up your users, often a database.
    new WBC\Auth\Storage\PDO($db),
    // Choose a hashing layer, several are available.
    new WBC\Auth\Hashing\Standard(),
    // Choose a session layer to store the currently logged in user.
    new WBC\Auth\Session\Standard()
);

// Finally we just wrap $redux in a compatibility layer
// that emulates PEAR/Auth
$auth = new WBC\Auth\LegacyPEARAuth($redux, 'your_login_function');

// You can now just continue to use your existing code that relies
// on PEAR/Auth

More examples are available in the examples directory.

Features not implemented

FeatureStatusReason
Idle and Expiry timersNot implementedNot implemented.
setExpire(), setIdle() and sessionValidThru()Not ImplementedIdle and expiry timers not implemented.
"Advanced security" checksNot ImplementedNot implemented.
setAdvancedSecurity()Not ImplementedAdvanced security checks not implemented.
log() and attachLogObserver()Outside scopeLogging is outside of scope for this Authentication class.
removeUser(), addUser() and listUsers()Outside scopeRemoving, adding and listing of users is outside of scope for this Authentication class.
setSessionName()DeprecatedNot relevant, the Session layer replaces this.
setAuth()DeprecatedCan't see a good reason for manually setting logged in username.
deleteAuthData()DeprecatedCan't see a good reason for deleting session data.
staticCheckAuth()DeprecatedCan't see a good reason to bake-in static access the Auth class

Differences

  • Calling getAuthData() with no arguments returns an array of all the "auth data" available for the current user. However unlike PEAR\Auth, the username field will also be included in this array.

Customisation

You can write your own Storage, Hashing and Session layer by implementing the respective StorageInterface, HashingInterface and SessionInterface interfaces in your own classes.

License

This project is licensed under the MIT License - see the LICENSE file for details