Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/workofstan/seablast-auth
Seablast-Auth is a no-password authentication and authorization library for Seablast for PHP apps. It ensures secure user verification and access control, with optional HybridAuth integration for social media sign-ins. Installable via Composer, it activates as needed, equipping your app with essential security features effortlessly.
https://github.com/workofstan/seablast-auth
Last synced: about 9 hours ago
JSON representation
Seablast-Auth is a no-password authentication and authorization library for Seablast for PHP apps. It ensures secure user verification and access control, with optional HybridAuth integration for social media sign-ins. Installable via Composer, it activates as needed, equipping your app with essential security features effortlessly.
- Host: GitHub
- URL: https://github.com/workofstan/seablast-auth
- Owner: WorkOfStan
- License: mit
- Created: 2024-05-13T10:28:21.000Z (6 months ago)
- Default Branch: main
- Last Pushed: 2024-11-08T12:33:15.000Z (6 days ago)
- Last Synced: 2024-11-08T13:35:03.581Z (6 days ago)
- Language: PHP
- Size: 34.2 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
README
# `Seablast\Auth`
A no-password authentication and authorization extension for [Seablast for PHP](https://github.com/WorkOfStan/seablast) apps.
This extension facilitates secure user verification and efficient access control.
Optionally, `Seablast\Auth` integrates with the HybridAuth library to support social authentication, allowing seamless sign-in through various social media platforms.
Integrable via Composer, it activates only when required, equipping your app with essential security features effortlessly.
If your Seablast-based application necessitates user authentication or resource authorization, incorporating `Seablast\Auth` will equip it with these capabilities instantly.
(For applications that do not require these features, `Seablast\Auth` can simple be not included to maintain a lighter application footprint.)
## Usage
When just getting the identity of a logged-in user is needed:
```php
// Instantiate the IdentityManager class with `\mysqli`
$identity = new IdentityManager($this->configuration->dbms());
// If prefix is used, inject it
$identity->setTablePrefix($this->configuration->dbmsTablePrefix());
```
To create the expected database table structure, just add the seablast/auth migration path to the phinx.php configuration, e.g.
```php
'paths' => [
'migrations' => [
'%%PHINX_CONFIG_DIR%%/db/migrations',
'%%PHINX_CONFIG_DIR%%/../vendor/seablast/auth/conf/db/migrations',
],
'seeds' => '%%PHINX_CONFIG_DIR%%/db/seeds'
],
```
### Routing
`/user` is expected, so configure it within your `conf/app.conf.php` like this:
```php
->setArrayArrayString(
SeablastConstant::APP_MAPPING,
'/user',
[
'template' => 'user', // your latte template including login-form.latter
'model' => '\Seablast\Auth\UserModel',
]
)
```
### View
`\Seablast\Auth\UserModel` returns arguments ($configuration, $csrfToken, $message, $showLogin, $showLogout) for the user.latte template:
```latte
{include '../vendor/seablast/auth/views/login-form.latte'}
```
## Testing
Run [./test.sh](./test.sh) for essential PHPUnit tests:
- create token and use it,
- check its disapperance as it's valid only once,
- invalid emails is not accepted,
- SQL injection attempts is not accepted.
## User management
- user MUST have one role (admin, content manager, ordinary user)
- user MAY belong to various groups (based on subscription tariff, a promotion, etc.)