Recommend this page to a friend! |
Download |
Info | Example | Files | Install with Composer | Download | Reputation | Support forum | Blog | Links |
Ratings | Unique User Downloads | Download Rankings | ||||
Not enough user ratings | Total: 203 | All time: 8,454 This week: 50 |
Version | License | PHP version | Categories | |||
authone 1.0.0 | GNU Lesser Genera... | 5 | PHP 5, Databases, User Management |
<?php |
This library is a simple authentication system that allow different types of Authentication.
Type of Authentication (how the authentication will work)
| PHP Session | User and Password | Token | JWTLITE | |------------------------------------|--------------------|--------------------------|----------------------| | | | | |
Type of user storage (where the user will be stored and validate when login)
Type of Token storage (where the temporary information will be keep). The system also allows to use the Cache library as storage.
> Note: However, not all methods allows all those operations. For example, user and password authentication can't be invalidated or renewed.
//Connections (you can check the section types of configuration for more information about $pdoConfig and $tokenConfig)
$auth = new AuthOne(
'token', // the type of authentication
'pdo', // the type of store (where the users will be stored), values allowed: 'pdo','document','token'
$pdoConfig, // the configuration of the PDO.
$tokenConfig // the configuration of token (it is only required for token type of authentication)
);
$auth->fieldConfig('mytable', 'myuser', 'mypassword', 'mydisable');
// creating authentication
$token = $this->auth->createAuth('admin', 'abc.123', 1);
// validating authentication
var_dump($this->auth->validate($token));
PHP Session depends on the configuration of the sessions of PHP. By default, PHP creates a new session in a file, and it uses the Session ID to recover the information store in the session.
While PHP session uses (by default) cookies, this library is agnostic and the session-id could be sent and received via url, HTML header or cookies.
Features enabled
It is similar to PHP session, but it doesn't rely on the system of PHP for the authentication. It is based in a token that is a 64-character code that the Client could use for authentication.
This token is stored in the cache server.
Features enabled
It is the most basic type of authentication. The customer must send the user and password per every validation. If you use this validation, then login and validation works in the same way.
Pro:
* It is more simple to implement, and it doesn't rely on or use a cache to validate the information. It only requires a storage server. * It could work in multiple server installation (if each server has the same user storage)
Cons:
* It is less safe because the customer is sending the user and password every time it needs to validate. * It is also slower because it validates the user and password every time using the storage server.
Features enabled
It works using the customer and server talk each other's sending the content of the user and a CRC validator (as a TOKEN) each time.
This kind of authentication allows to simplify the authentication in a system that relies on in multiple server. Instead of require a server to validate the token, it uses the own token as validation.
It is safe because the content of the token can't be modified or edited.
This method is not compatible with JWT because the structure is different
Structure of the value returned by login
[
'body'=>the content of the token, example the user, level of the user, full name, email, etc
'token'=the time of expiration + the token that validates that the body has not been changed
]
While JWT has the next structure (serialized as BASE64)
{
"alg": "HS256",
"typ": "JWT"
}
.
{
content of the token
}
.
verify signature
Structure of the value required to validate
$this->validate(the body or content,the token); // if the validation is right, then it returns the body, otherwise it returns false
Features enabled
Configuration of the PDO store.
// if you want to store the users and password in the database
$pdoConfig = [
'databaseType' => 'mysql', // the type of database: mysql, sqlsrv or oci (oracle)
'server' => '127.0.0.1', // the server of the database
'user' => 'root', // the user
'pwd' => 'abc.123', // the password
'db' => 'sakila' // the database or schema. In oracle, this value is ignored, and it uses the user.
];
Configuration of the document store.
// if you want to store the users and passwords in the file-system
$docConfig = [
'database' => __DIR__ . '/base', // the initial folder
'collection' => '', // (optional) the sub-folder
'strategy' => 'folder', // (optional )the lock strategy.
// It is used to avoid that two users replace the same file at the same time.
'server' => '', // used by REDIS, example: localhost:6379
'serializeStrategy' => 'json_array' // (optional) the strategy to serialization
];
Configuration of the token store
$tokenConfig=[ // it is required if you are using TOKEN.
'type'=>'redis', // it will use redis to store the temporary tokens.
// Values allowed: auto (automatic),redis (redis) ,
// memcache (memcache),apcu (PHP APCU),pdoone (database) and documentone (file system)
'server'=>'127.0.0.1', // the server of REDIS or PDO
'schema'=>'', // (optional), the schema or folder.
'port'=>0, // (optional) the port, used by redis memcache or pdo
'user'=>'', // (optional) the user used by pdo
'password'=>'' // (optional) the password used by pdo
];
Copyright: Jorge Castro Castillo (2022) Dual License, LGPL and Commercial.
Files (25) |
File | Role | Description | ||
---|---|---|---|---|
docs (5 files) | ||||
examples (1 directory) | ||||
src (1 file, 1 directory) | ||||
tests (2 files, 1 directory) | ||||
composer.json | Data | Auxiliary data | ||
LICENSE | Lic. | License text | ||
phpunit.xml | Data | Auxiliary data | ||
README.md | Doc. | Documentation |
Files (25) | / | docs |
File | Role | Description |
---|---|---|
diagram1.drawio | Data | Auxiliary data |
jwt.png | Data | Auxiliary data |
phpsession.png | Data | Auxiliary data |
token.png | Data | Auxiliary data |
up.png | Data | Auxiliary data |
Files (25) | / | examples | / | auth |
File | Role | Description |
---|---|---|
createAuth.php | Example | Example script |
validateAuth.php | Example | Example script |
Files (25) | / | src | / | services |
File | Role | Description |
---|---|---|
IServiceAuthOne.php | Class | Class source |
IServiceAuthOneStore.php | Class | Class source |
ServiceAuthOneJWTlite.php | Class | Class source |
ServiceAuthOneSession.php | Class | Class source |
ServiceAuthOneStoreDocument.php | Class | Class source |
ServiceAuthOneStorePdo.php | Class | Class source |
ServiceAuthOneStoreToken.php | Class | Class source |
ServiceAuthOneToken.php | Class | Class source |
ServiceAuthOneUserPwd.php | Class | Class source |
Files (25) | / | tests |
File | Role | Description | ||
---|---|---|---|---|
base (2 files) | ||||
AuthOneTest.php | Class | Class source | ||
bootstrap.php | Aux. | Auxiliary script |
Files (25) | / | tests | / | base |
File | Role | Description |
---|---|---|
admin.dson | Data | Auxiliary data |
admin2.dson | Data | Auxiliary data |
The PHP Classes site has supported package installation using the Composer tool since 2013, as you may verify by reading this instructions page. |
Install with Composer |
Version Control | Unique User Downloads | Download Rankings | |||||||||||||||
100% |
|
|
Applications that use this package |
If you know an application of this package, send a message to the author to add a link here.