horde / auth
Authentication and user management library
Maintainers
Requires
- php: ^7.4 || ^8
- ext-hash: *
- horde/exception: ^3 || dev-FRAMEWORK_6_0
- horde/horde-installer-plugin: dev-FRAMEWORK_6_0 || ^3 || ^2
- horde/translation: ^3 || dev-FRAMEWORK_6_0
- horde/util: ^3 || dev-FRAMEWORK_6_0
Requires (Dev)
- horde/db: ^3 || dev-FRAMEWORK_6_0
Suggests
- ext-ctype: *
- ext-ftp: *
- ext-pam: *
- ext-sasl: *
- horde/db: ^3 || dev-FRAMEWORK_6_0
- horde/history: ^3 || dev-FRAMEWORK_6_0
- horde/http: ^3 || dev-FRAMEWORK_6_0
- horde/imap_client: ^3 || dev-FRAMEWORK_6_0
- horde/imsp: ^3 || dev-FRAMEWORK_6_0
- horde/ldap: ^3 || dev-FRAMEWORK_6_0
- horde/lock: ^3 || dev-FRAMEWORK_6_0
- dev-FRAMEWORK_6_0 / 3.x-dev
- v3.0.0beta3
- v3.0.0beta2
- v3.0.0beta1
- v3.0.0alpha10
- v3.0.0alpha9
- v3.0.0alpha8
- v3.0.0alpha7
- v3.0.0alpha6
- v3.0.0alpha5
- v3.0.0alpha4
- 3.0.0alpha3
- 3.0.0alpha2
- 3.0.0alpha1
- 2.2.2
- 2.2.1
- 2.2.0
- 2.1.12
- 2.1.11
- 2.1.10
- 2.1.9
- 2.1.8
- 2.1.7
- 2.1.6
- 2.1.5
- 2.1.4
- 2.1.2
- dev-feat/auth-test-modernization
- dev-bugf/fix-auth-login-misnamed-property
- dev-FRAMEWORK_5_2
- dev-master
This package is auto-updated.
Last update: 2026-05-02 09:45:41 UTC
README
Authentication and user management library for the Horde framework.
Provides a clean, interface-based architecture for credential validation, transparent authentication, user directory queries, user lifecycle management, and password operations across multiple backends.
New in this version
The main interface has been split into several capability oriented interface. Drivers no longer pseudo implement capabilities they don't really have but only expose those interfaces they really provide, i.e. certificate authentication does no longer provide an interface to list users or change passwords. Authentication results are now objects instead of booleans.
Installation
composer require horde/auth
Interfaces
| Interface | Purpose |
|---|---|
CredentialProvider |
Validate credentials (username + password) |
TransparentProvider |
Assert identity from HTTP request context |
UserDirectory |
Check existence, list, and search users |
UserLifecycleManager |
Add, remove, rename, and update users |
PasswordManager |
Change and reset passwords |
AccessPolicy |
Pre/post-auth hooks for lockout, expiration, rate limiting |
LoginAttemptTracker |
Count and reset failed login attempts |
LockManager |
Lock/unlock user accounts |
Available drivers
Sql, Customsql, Ldap, Passwd, WritablePasswd, Ftp, Http,
Radius, Pam, Peclsasl, Smb, Smbclient, Login, Shibboleth,
X509, Ipbasic, Auto, Mock
Quick example
use Horde\Auth\AuthResultSuccess; use Horde\Auth\Policy\CompoundPolicy; use Horde\Auth\Policy\LockoutPolicy; use Horde\Auth\Sql; use Horde\Auth\Storage\InMemoryAttemptTracker; use Horde\Auth\Storage\InMemoryLockManager; $auth = new Sql(db: $db, encryption: 'crypt-blowfish'); $policy = new CompoundPolicy( new LockoutPolicy(new InMemoryAttemptTracker(), new InMemoryLockManager()), ); $decision = $policy->preAuth('alice'); if (!$decision->isDenied()) { $result = $auth->validate('alice', ['password' => 'secret']); $decision = $policy->postAuth('alice', $result); }
Documentation
- doc/USAGE.md — full usage guide with examples
- doc/UPGRADING.md — migration from legacy
Horde_Auth_Base - doc/examples/ — runnable example scripts
License
LGPL-2.1 - see LICENSE.