Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mgatner/codigniter-shield
Authentication and Authorization for CodeIgniter 4
https://github.com/mgatner/codigniter-shield
Last synced: 3 months ago
JSON representation
Authentication and Authorization for CodeIgniter 4
- Host: GitHub
- URL: https://github.com/mgatner/codigniter-shield
- Owner: MGatner
- License: mit
- Fork: true (codeigniter4/shield)
- Created: 2021-02-25T14:03:30.000Z (almost 4 years ago)
- Default Branch: develop
- Last Pushed: 2022-11-30T15:06:39.000Z (about 2 years ago)
- Last Synced: 2023-03-02T15:02:48.724Z (almost 2 years ago)
- Language: PHP
- Size: 2.62 MB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md
Awesome Lists containing this project
README
# CodeIgniter Shield
[](https://github.com/codeigniter4/shield/actions/workflows/test.yml)
[](https://github.com/codeigniter4/shield/actions/workflows/analyze.yml)
[](https://github.com/codeigniter4/shield/actions/workflows/inspect.yml)
[](https://coveralls.io/github/codeigniter4/shield?branch=develop)
Shield is an authentication and authorization framework for CodeIgniter 4. While it does provide a base set of tools
that are commonly used in websites, it is designed to be flexible and easily customizable.
The primary goals for Shield are:
1. It must be very flexible and allow developers to extend/override almost any part of it.
2. It must have security at its core. It is an auth lib after all.
3. To cover many auth needs right out of the box, but be simple to add additional functionality to.
## Authentication Methods
Shield provides two primary methods of authentication out of the box:
**Session-based**
This is your typical email/username/password system you see everywhere. It includes a secure "remember me" functionality.
This can be used for standard web applications, as well as for single page applications. Includes full controllers and
basic views for all standard functionality, like registration, login, forgot password, etc.
**Personal Access Codes**
These are much like the access codes that GitHub uses, where they are unique to a single user, and a single user
can have more than one. This can be used for API authentication of third-party users, and even for allowing
access for a mobile application that you build.
## Getting Started
### Prerequisites
Usage of Shield requires the following:
- A [CodeIgniter 4](https://github.com/codeigniter4/CodeIgniter4/)-based project
- [Composer](https://getcomposer.org/) for package management
- PHP 7.4+
### Installation
Installation is done through Composer.
> composer require codeigniter4/shield
See the [docs](docs) folder more specific instructions on installation and usage recommendations.
## Contributing
Shield does accept and encourage contributions from the community in any shape. It doesn't matter
whether you can code, write documentation, or help find bugs, all contributions are welcome.
## License
This project is licensed under the MIT License - see the [LICENSE.md](LICENSE) file for details.
## Acknowledgements
Every open-source project depends on it's contributors to be a success. The following users have
contributed in one manner or another in making Shield:
Made with [contrib.rocks](https://contrib.rocks).
The following articles/sites have been fundamental in shaping the security and best practices used
within this library, in no particular order:
- [Google Cloud: 12 Best Practices For User Accounts](https://cloud.google.com/blog/products/gcp/12-best-practices-for-user-account)
- [NIST Digital Identity Guidelines](https://pages.nist.gov/800-63-3/sp800-63b.html)
- [Implementing Secure User Authentication in PHP Applications with Long-Term Persistence (Login with "Remember Me" Cookies) ](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence)