dereuromark / cakephp-tinyauth-backend
A CakePHP plugin for DB based authentication and authorization handling
Maintainers
Package info
github.com/dereuromark/cakephp-tinyauth-backend
Type:cakephp-plugin
pkg:composer/dereuromark/cakephp-tinyauth-backend
Requires
- php: >=8.2
- cakephp/cakephp: ^5.1.1
- dereuromark/cakephp-tinyauth: ^5.0.0
Requires (Dev)
- cakephp/authorization: ^3.0
- fig-r/psr2r-sniffer: dev-master
- phpunit/phpunit: ^11.5 || ^12.1 || ^13.0
This package is auto-updated.
Last update: 2026-04-23 00:05:39 UTC
README
A database driven backend for CakePHP TinyAuth plugin. This replaces the native INI file approach.
This branch is for use with CakePHP 5.1+. For details see version map.
Installation
Install the plugin with composer from your CakePHP project's ROOT directory (where composer.json file is located)
composer require dereuromark/cakephp-tinyauth-backend
It will auto-require dereuromark/cakephp-tinyauth dependency.
Admin Access Requirement
The plugin mounts its admin UI under /admin/auth.
As of the current master, admin access is fail-closed outside debug mode:
debug = true: the admin UI is accessible by default for local setup and demosdebug = false: the admin UI returns403unless your app explicitly configuresTinyAuthBackend.editorCheck
Production apps should always set TinyAuthBackend.editorCheck to a callable that decides who may edit TinyAuth rules:
use Cake\Core\Configure; use Psr\Http\Message\ServerRequestInterface; Configure::write( 'TinyAuthBackend.editorCheck', function (mixed $identity, ServerRequestInterface $request): bool { if ($identity === null) { return false; } $roleId = is_object($identity) && method_exists($identity, 'get') ? $identity->get('role_id') : ($identity['role_id'] ?? null); return (int)$roleId === 3; }, );
Usage
See Docs.