erdiko/authenticate
最新稳定版本:0.1.1
Composer 安装命令:
composer require erdiko/authenticate
包简介
Authentication module
README 文档
README
User Authentication
Compatibility
This is compatible with PHP 5.4 or above and the latest version of Erdiko.
Installation
Add package using composer
composer require erdiko/authenticate
Requirements
Between its requirements we count on Pimple, Symfony Security and Firebase PHP-JWT. In case of Pimple, we choose this package to manage Dependency Injection, allowing us to add more flexibility and extensibility. It also adds compatibility with Symfony Security module. Finally the JWT package, is being used to provide a build in working example of authentication extension using this protocol.
How to Use
Before you start using this package, it needs some initial setup/config.
Add authenticate.json config.
In this file will be defined two major components, the first one related with storage and the other related with authentication.
For the storage we provided a SessionStorage service, but you can add your custom storage service just implementing
erdiko\authenticate\StorageInterface interface and adding it to the config file.
In case of authentication, there are two steps, Authenticator and Authentication that implements
erdiko\authenticate\AuthenticatorInterface and erdiko\authenticate\AuthenticationInterface respectively.
Within your app, let's say LoginController or whenever you place the login, you will use an instance of
Authenticator that will provide you a set of useful method to login, logout, maintain cache among others.
This authenticator object will use the authentication type you select, between all of the enabled options you defined
in the authenticate.json config, and that is the implementation of the second Interface.
Here's an example of config file
(you can copy from <project>/vendor/erdiko/authenticate/app/config/default/authenticate.json)
{
"authentication": {
"available_types": [{
"name": "jwt_auth",
"namespace": "erdiko_authenticate_services",
"classname": "JWTAuthentication",
"enabled": true
}]
},
"storage": {
"selected": "session",
"storage_types": [{
"name": "session",
"namespace": "erdiko_authenticate_Services",
"classname": "SessionStorage",
"enabled": true
}]
}
}
As we mention above, the authentication will define the available classes that implements the user's validation logic. You can choose between a list of them defined in this config. For example, you can have one class that allows you to authenticate using oAuth methods, other that use LDAP, other that use database, and so on.
Same for the storage section, except that you should use only one type at time, that's why this section has a selected
field.
Let's breakdown the config fields. In both cases:
- name: is the key will be used to references an individual class.
- namespace: represents a translated class namespace, e.g.: for
app\lib\serviceshould beapp_lib_services, the rule is: replace back slash with underscore. - classname: is the exact name of the class and it is case-sensitive.
- enabled: True, if it's available to use, false, if you want to disable temporarily.
Extending
Storage
We provide a Session Storage type as default method to manage your user's status and other data. However you can choose a different storage like database, filesystem or memcached just mention few.
In order to create your own storage service, you will have to create a class that implements erdiko\authenticate\StorageInterface
like:
Class SessionStorage implements StorageInterface { public function persist(UserStorageInterface $user) { $this->startSession(); $_SESSION["current_user"] = $user->marshall(); } public function attemptLoad(UserStorageInterface $userModel) { $user = null; $sapi = php_sapi_name(); if(!$this->contains('cli', $sapi)){ $this->startSession(); } if(array_key_exists("current_user", $_SESSION)){ $_user = $_SESSION["current_user"]; if(!empty($_user)){ $user = $userModel::unmarshall($_user); } } return $user; } public function contains($needle, $haystack) { return strpos($haystack, $needle) !== false; } public function destroy() { $this->startSession(); if(array_key_exists("current_user", $_SESSION)){ unset($_SESSION["current_user"]); } @session_destroy(); } private function startSession() { if(!file_exists(ERDIKO_VAR . "/session")) { mkdir(ERDIKO_VAR . "/session"); } ini_set('session.save_path',ERDIKO_VAR . "/session"); if(session_id() == '') { @session_start(); } else { if (session_status() === PHP_SESSION_NONE) { @session_start(); } } } }
and edit your authenticate.json config by adding new item in the storage section and put it as selected
{
"storage": {
"selected": "custom",
"storage_types": [{
"name": "session",
"namespace": "erdiko_authenticate_services",
"classname": "SessionStorage",
"enabled": true
},
{
"name": "custom",
"namespace": "app_lib_authenticate_services",
"classname": "CustomStorage",
"enabled": true
}]
}
}
Authentication types
As we mention before, here we need to split in two, authentication and authenticator.
Let's start with authentication_, here we will create class that implements AuthenticationInterface where
we will put the custom user's validation logic, no matter if it's just a return true, and LDAP call or any other
crazy algorithm.
Same as we did with storage, we need to add this new class in the authenticate.json within the available_types
section.
{
"authentication": {
"available_types": [{
"name": "jwt_auth",
"namespace": "erdiko_authenticate_services",
"classname": "JWTAuthentication",
"enabled": true
},
{
"name": "custom_auth",
"namespace": "app_lib_authenticate_services",
"classname": "CustomAuthentication",
"enabled": true
}]
}
}
The last step is create an authenticator class that implements AuthenticatorInterface. This class is the one you will use in your app to preform the actual login process.
Within this class you will use previous defined tools to authenticate and store data, based on configuration file. Here's an example of login method:
public function login($credentials = array(), $type = 'jwt_auth') { $storage = $this->container["STORAGES"][$this->selectedStorage]; $result = false; // checks if it's already logged in $user = $storage->attemptLoad($this->erdikoUser); if($user instanceof UserStorageInterface) { $this->logout(); } $auth = $this->container["AUTHENTICATIONS"][$type]; $result = $auth->login($credentials); if(isset($result->user)) $user = $result->user; else throw new \Exception("User failed to load"); if(!empty($user) && (false !== $user)) { $this->persistUser( $user ); $response = true; } return $result; }
Of course is your choice what method implement, for example, you can opt to skip persistUser if you want to use client
side cookie instead of session or any other method on the server side. Said that, we encourage you to implement
persistUser method like this:
public function persistUser(UserStorageInterface $user) { $this->generateTokenStorage($user); } public function generateTokenStorage(UserStorageInterface $user) { $entityUser = $user->getEntity(); $userToken = new UsernamePasswordToken($entityUser->getEmail(),$entityUser->getPassword(),'main',$user->getRoles()); $_SESSION['tokenstorage'] = $userToken; }
It will give you the chance to interconnect your authenticated user with other packages like erdiko/authorize or any
Symfony/Security.
Special Thanks
Arroyo Labs - For sponsoring development, http://arroyolabs.com
erdiko/authenticate 适用场景与选型建议
erdiko/authenticate 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 1.28k 次下载、GitHub Stars 达 6, 最近一次更新时间为 2016 年 11 月 28 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「erdiko」 「erdiko-authenticate」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 erdiko/authenticate 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 erdiko/authenticate 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 erdiko/authenticate 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
Erdiko micro MVC core libraries
Email Toolkit Plugin for CakePHP
Erdiko Wordpress package
统计信息
- 总下载量: 1.28k
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 6
- 点击次数: 8
- 依赖项目数: 1
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2016-11-28