承接 dereuromark/cakephp-tinyauth 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

dereuromark/cakephp-tinyauth

Composer 安装命令:

composer require dereuromark/cakephp-tinyauth

包简介

A CakePHP plugin to handle user authentication and authorization the easy way.

README 文档

README

CI Latest Stable Version Coverage Status PHPStan Minimum PHP Version License Total Downloads Coding Standards

A CakePHP plugin to handle authentication and user authorization the easy way.

This branch is for CakePHP 5.1+. For details see version map.

Why use TinyAuth?

TinyAuth is a wrapper plugin that extends CakePHP's official Authentication and Authorization plugins, providing significant advantages:

🚀 Zero-Code Configuration

  • INI-based setup: Define all your authentication and authorization rules in simple INI files
  • No controller modifications: Unlike vanilla plugins that require code in every controller
  • Plugin-friendly: Automatically works with third-party plugins without modifications

⚡ Lightning Fast Setup

  • 5-minute integration: Get authentication and authorization working in minutes, not hours
  • Sensible defaults: Pre-configured settings that work for 90% of use cases
  • Quick setups: Built-in configurations for common scenarios (public non-prefixed, admin areas, etc.)

🛠️ Developer Experience

  • Centralized management: All auth rules in one place, not scattered across controllers
  • Easy maintenance: Change access rules without touching code
  • Cache optimized: Built-in caching for maximum performance
  • DebugKit panel: Visualize auth status, identity, and permissions in real-time

🔧 Flexibility

  • Adapter pattern: Use INI files, database, or custom adapters for rule storage
  • Progressive enhancement: Start simple, add complexity only when needed
  • Stand-alone components: Use AuthUser component/helper independently if needed

📊 When to Choose TinyAuth

Choose TinyAuth when you want:

  • ✅ Simple role-based access control (RBAC)
  • ✅ Quick setup without extensive configuration
  • ✅ Controller-action level permissions
  • ✅ Easy-to-manage access rules
  • ✅ Minimal code changes

Since this plugin just further extends the official ones, you can skip the plugin's authentication and authorization components, and use the original plugins' functionality if you want:

  • ❌ Complex policy-based authorization
  • ❌ Resource-level permissions (per-entity authorization)
  • ❌ Middleware/routing level authentication
  • ❌ Custom authentication flows

You can still use the other helpers of this plugin, however.

What's the idea?

Default CakePHP authentication and authorization depends on code changes in at least each controller, maybe more classes. This plugin hooks in with a single line of change and manages all that using config files and there is no need to touch all those controllers, including plugin controllers.

It is also possible to manage the config files without the need to code. And it can with adapters also be moved completely to the DB and managed by CRUD backend.

Ask yourself: Do you need the overhead and complexity involved with a full blown (RBAC DB) ACL or very specific Policy approaches? See also my post acl-access-control-lists-revised/. If not, then this plugin could very well be your answer and a super quick solution to your auth problem :)

But even if you don't leverage the full authentication or authorization potential, the available AuthUserComponent and AuthUserHelper can be very useful when dealing with role based decisions in your controller or view level. They also work stand-alone.

Demo

See https://sandbox.dereuromark.de/auth-sandbox

auth_allow.ini

Define the public actions (accessible by anyone) per controller:

Users = index,view
Admin/Maintenance = pingCheck
PluginName.SomeController = *
MyPlugin.Api/V1 = *

auth_acl.ini

Define what actions may be accessed by what logged-in user role:

[Users]
index = *
add,edit = user,super-user

[Admin/Users]
* = admin

[Translate.Admin/Languages]
* = *

AuthUser component and helper

$currentId = $this->AuthUser->id();

$isMe = $this->AuthUser->isMe($userEntity->id);

if ($this->AuthUser->hasRole('mod')) {
}

if ($this->AuthUser->hasAccess(['action' => 'secretArea'])) {
}

// Helper only
echo $this->AuthUser->link('Admin Backend', ['prefix' => 'Admin', 'action' => 'index']);
echo $this->AuthUser->postLink('Delete', ['action' => 'delete', $id], ['confirm' => 'Sure?']);

Installation

Required Dependencies

IMPORTANT: TinyAuth is a wrapper plugin that extends CakePHP's official plugins. You must understand them first:

📦 Official CakePHP Plugins

Plugin Purpose Documentation
cakephp/authentication Handles user authentication (login, sessions, etc.) 📖 Official Docs
cakephp/authorization Handles user authorization (permissions, access control) 📖 Official Docs
# Install for authentication features (login, sessions)
composer require cakephp/authentication

# Install for authorization features (roles, ACL)
composer require cakephp/authorization

Note: You only need to install the plugin(s) for the features you plan to use. The AuthUser component and helper can work standalone without requiring the official plugins.

📦 Install TinyAuth

After installing the required official plugin(s), install TinyAuth:

composer require dereuromark/cakephp-tinyauth

Finally, load the plugin:

bin/cake plugin load TinyAuth

Docs

Full documentation: https://dereuromark.github.io/cakephp-tinyauth/

Also note the original blog post and how it all started.

dereuromark/cakephp-tinyauth 适用场景与选型建议

dereuromark/cakephp-tinyauth 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 239.54k 次下载、GitHub Stars 达 131, 最近一次更新时间为 2014 年 09 月 19 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「authorization」 「Authentication」 「plugin」 「cakephp」 「middleware」 「acl」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 dereuromark/cakephp-tinyauth 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 dereuromark/cakephp-tinyauth 我们能提供哪些服务?
定制开发 / 二次开发

基于 dereuromark/cakephp-tinyauth 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 239.54k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 132
  • 点击次数: 22
  • 依赖项目数: 6
  • 推荐数: 1

GitHub 信息

  • Stars: 131
  • Watchers: 7
  • Forks: 44
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2014-09-19