定制 dereuromark/cakephp-tinyauth-backend 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

dereuromark/cakephp-tinyauth-backend

Composer 安装命令:

composer require dereuromark/cakephp-tinyauth-backend

包简介

A CakePHP plugin for DB based authentication and authorization handling

README 文档

README

CI Coverage Status PHPStan Minimum PHP Version License Latest Stable Version Total Downloads Coding Standards

A database driven backend for CakePHP TinyAuth plugin. This replaces the native INI file approach.

This branch is for use with CakePHP 5.1+. For details see version map.

Installation

Install the plugin with composer from your CakePHP project's ROOT directory (where composer.json file is located)

composer require dereuromark/cakephp-tinyauth-backend

It will auto-require dereuromark/cakephp-tinyauth dependency.

Admin Access Requirement

The plugin mounts its admin UI under /admin/auth.

As of the current master, admin access is fail-closed outside debug mode:

  • debug = true: the admin UI is accessible by default for local setup and demos
  • debug = false: the admin UI returns 403 unless your app explicitly configures TinyAuthBackend.editorCheck

Production apps should always set TinyAuthBackend.editorCheck to a callable that decides who may edit TinyAuth rules:

use Cake\Core\Configure;
use Psr\Http\Message\ServerRequestInterface;

Configure::write(
    'TinyAuthBackend.editorCheck',
    function (mixed $identity, ServerRequestInterface $request): bool {
        if ($identity === null) {
            return false;
        }

        $roleId = is_object($identity) && method_exists($identity, 'get')
            ? $identity->get('role_id')
            : ($identity['role_id'] ?? null);

        return (int)$roleId === 3;
    },
);

Strict Content-Security-Policy (optional)

The plugin's admin UI is built to run under a strict Content-Security-Policy header — no script-src 'unsafe-eval', no style-src 'unsafe-inline'. Inline <script> blocks in the layout carry a per-request nonce read from $this->getRequest()->getAttribute('cspNonce'), so any host-app middleware that sets that attribute and emits a matching Content-Security-Policy header will Just Work.

Two host-app concerns to be aware of:

  1. CSP middleware — the plugin does not ship its own. Add a small middleware to your app that generates a per-request nonce, exposes it as the cspNonce request attribute, and emits a Content-Security-Policy header with 'nonce-…' in script-src. The companion cakephp-tinyauth-demo shows a ~50-line implementation in src/Middleware/StrictCspMiddleware.php.

  2. FormHelper hiddenBlock template — out of the box, CakePHP wraps every CSRF token in <div style="display:none;">…</div>, which violates strict style-src. Override the template once in your AppView::initialize():

    public function initialize(): void
    {
        $this->loadHelper('Form', [
            'templates' => [
                'hiddenBlock' => '<div hidden>{{content}}</div>',
            ],
        ]);
    }

    This swaps the inline style for the HTML5 hidden attribute, which needs no CSS. A single override eliminates one CSP violation per Form->postLink() / Form->postButton() on every page.

The included tests/TestCase/CspComplianceTest.php (template-source scan) and tests/TestCase/Controller/Admin/RenderedCspComplianceTest.php (rendered-HTML check) guard against regressions.

Documentation

Full documentation lives at dereuromark.github.io/cakephp-tinyauth-backend.

A few good entry points:

The Markdown sources live in the docs directory of this repository.

dereuromark/cakephp-tinyauth-backend 适用场景与选型建议

dereuromark/cakephp-tinyauth-backend 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 360 次下载、GitHub Stars 达 2, 最近一次更新时间为 2019 年 11 月 11 日, 在 PHP 生态内属于活跃度较高的组件。

它主要适用于以下技术方向: 「authorization」 「Authentication」 「plugin」 「cakephp」 「admin-panel」 「roles」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。

我们在过去多个企业项目中使用过 dereuromark/cakephp-tinyauth-backend 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 dereuromark/cakephp-tinyauth-backend 我们能提供哪些服务?
定制开发 / 二次开发

基于 dereuromark/cakephp-tinyauth-backend 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 360
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 2
  • 点击次数: 23
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 2
  • Watchers: 4
  • Forks: 3
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2019-11-11