indigophp / guardian
This package is abandoned and no longer maintained.
The author suggests using the guardianphp/guardian package instead.
Simple and flexible authentication framework
dev-master / 0.1.x-dev
2015-04-20 18:42 UTC
Requires
- php: >=5.4
- beberlei/assert: ~2.3
- indigophp/hash-compat: ~1.0
- ircmaxell/password-compat: ~1.0
- ramsey/array_column: ~1.1
Requires (Dev)
- henrikbjorn/phpspec-code-coverage: ~1.0
- phpspec/phpspec: ~2.1
- sobstel/sesshin: 1.1.*@dev
Suggests
- sobstel/sesshin: Used in Sesshin session adapter
This package is not auto-updated.
Last update: 2022-02-01 12:44:52 UTC
README
Simple and flexible authentication framework.
Install
Via Composer
$ composer require indigophp/guardian
Usage
This library provides an easy way to authenticate any entity with OR without persisting and calling it "login".
A simple login example:
use Indigo\Guardian\Identifier\InMemory; use Indigo\Guardian\Authenticator\UserPassword; use Indigo\Guardian\Hasher\Plaintext; use Indigo\Guardian\SessionAuth; use Indigo\Guardian\Session\Native; $identifier = new InMemory([ 1 => [ 'username' => 'john.doe', 'password' => 'secret', 'name' => 'John Doe', ], ]); $authenticator = new UserPassword(new Plaintext); $session = new Native; $auth = new SessionAuth($identifier, $authenticator, $session); // returns true to indicate success $auth->login([ 'username' => 'john.doe', 'password' => 'secret', ]);
Later, when login succeeds, check for the current login:
// returns true/false $auth->check(); // returns the current caller $caller = $auth->getCurrentCaller();
And logout at the end:
// returns true/false $auth->logout();
API Authentication
Since Guardian is an authentication library, you can easily use it to authenticate API requests without persistence. To achieve this, see the following simple authentication service:
use Indigo\Guardian\Identifier\InMemory; use Indigo\Guardian\Authenticator\UserPassword; use Indigo\Guardian\Hasher\Plaintext; use Indigo\Guardian\RequestAuth; $identifier = new InMemory([ 1 => [ 'username' => 'john.doe', 'password' => 'secret', 'name' => 'John Doe', ], ]); $authenticator = new UserPassword(new Plaintext); $auth = new RequestAuth($identifier, $authenticator); $subject = [ 'username' => 'john.doe', 'password' => 'secret', ]; // returns true to indicate success $auth->authenticate($subject); // returns the caller object if identify succeeds $caller = $auth->authenticateAndReturn($subject);
Testing
$ phpspec run
Contributing
Please see CONTRIBUTING for details.
Credits
License
The MIT License (MIT). Please see License File for more information.