Download the PHP package blastanders/myth-auth without Composer

On this page you can find all versions of the php package blastanders/myth-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package myth-auth

Myth:Auth

Coverage Status

Flexible, Powerful, Secure auth package for CodeIgniter 4.

Now with two-factor authentication with authenticator apps.

Project Notice

As of June 2022 CodeIgniter now has an official Authentication library, CodeIgniter Shield. If you are looking for an authentication solution for a new project then that is the recommended solution.

This project is now maintained by volunteers. If you interact with the project repository there may be delays in receiving a response. Please direct support questions to GitHub Discussions or to CodeIgniter's Forums or Slack Channel.

Requirements

Features

This is meant to be a one-stop shop for 99% of your web-based authentication needs with CI4. It includes the following primary features:

Installation

Installation is best done via Composer. Assuming Composer is installed globally, you may use the following command:

This will add the latest stable release of Myth:Auth as a module to your project.

Manual Installation

Should you choose not to use Composer to install, you can clone or download this repo and then enable it by editing app/Config/Autoload.php and adding the Myth\Auth namespace to the $psr4 array. For example, if you copied it into app/ThirdParty/:

Upgrading

Be sure to check the Changes Docs for necessary steps to take after upgrading versions.

Views: Be sure to make a copy of the $views in the module config under src/Config/Auth.php

Configuration

Once installed you need to configure the framework to use the Myth\Auth library. In your application, perform the following setup:

0. Copy vendor/blastanders/myth-auth/src/Config/Auth.php to app/Config/Auth.php. All changes to configs should be done in app/Config/Auth.php.

  1. Edit app/Config/Email.php and verify that a fromName and fromEmail are set as that is used when sending emails for password reset, etc.

  2. Edit app/Config/Validation.php and add the following value to the ruleSets array: \Myth\Auth\Authentication\Passwords\ValidationRules::class

  3. Ensure your database is setup correctly, then run the Auth migrations:

NOTE: This library uses your application's cache settings to reduce database lookups. If you want to make use of this, simply make sure that your are using a cache engine other than dummy and it is properly setup. The GroupModel and PermissionModel will handle caching and invalidation in the background for you.

Overview

When first installed, Myth:Auth is setup to provide all of the basic authentication services for you, including new user registration, login/logout, and forgotten password flows.

"Remember Me" functionality is turned off by default though it can be turned on by setting the $allowRemembering variable to be true in Config/Auth.php.

Routes

Routes are defined in Auth's Config/Routes.php file. This file is automatically located by CodeIgniter when it is processing the routes. If you would like to customize the routes, you should copy the file to the app/Config directory, update the namespace, and make your route changes there. You may also use the $reservedRoutes property of Config\Auth to redirect internal route names.

Views

Basic views are provided that are based on Bootstrap 4 for all features.

You can easily override the views used by editing Config/Auth.php, and changing the appropriate values within the $views variable:

public $views = [
    'login'       => 'App\Views\auth\login', //assume you have a view under app\Views\auth\login.php
    'register'    => 'Myth\Auth\Views\register',
    'forgot'      => 'Myth\Auth\Views\forgot',
    'reset'       => 'Myth\Auth\Views\reset',
    'emailForgot' => 'Myth\Auth\Views\emails\forgot',
];

NOTE: If you're not familiar with how views can be namespaced in CodeIgniter, please refer to the CodeIgniter User Guide for section on Code Module support.

Services

The following Services are provided by the package:

authentication

Provides access to any of the authentication packages that Myth:Auth knows about. By default it will return the "Local Authentication" library, which is the basic password-based system.

You can specify the library to use as the first argument:

authorization

Provides access to any of the authorization libraries that Myth:Auth knows about. By default it will return the "Flat" authorization library, which is a Flat RBAC (role-based access control) as defined by NIST. It provides user-specific permissions as well as group (role) based permissions.

passwords

Provides direct access to the Password validation system. This is an expandable system that currently supports many of NIST's latest Digital Identity guidelines. The validator comes with a dictionary of over 620,000 common/leaked passwords that can be checked against. A handful of variations on the user's email/username are automatically checked against.

Most of the time you should not need to access this library directly, though, as a new Validation rule is provided that can be used with the Validation library, strong_password. In order to enable this, you must first edit app/Config/Validation.php and add the new ruleset to the available rule sets:

Now you can use strong_password in any set of rules for validation:

Helper Functions

Myth:Auth comes with its own Helper that includes the following helper functions to ease access to basic features. Be sure to load the helper before using these functions: helper('auth');

Hint: Add 'auth' to any controller's $helper property to have it loaded automatically, or the same in app/Controllers/BaseController.php to have it globally available. the auth filters all pre-load the helper so it is available on any filtered routes.

logged_in()

user()

user_id()

in_groups()

has_permission()

Users

Myth:Auth uses CodeIgniter Entities for it's User object, and your application must also use that class. This class provides automatic password hashing as well as utility methods for banning/un-banning, password reset hash generation, and more.

It also provides a UserModel that should be used as it provides methods needed during the password-reset flow, as well as basic validation rules. You are free to extend this class or modify it as needed.

The UserModel can automatically assign a role during user creation. Pass the group name to the withGroup() method prior to calling insert() or save() to create a new user and the user will be automatically added to that group.

User registration already handles this for you, and looks to the Auth config file's, $defaultUserGroup setting for the name of the group to add the user to. Please, keep in mind that $defaultUserGroup variable is not set by default.

Toolbar

Myth:Auth includes a toolbar collector to make it easy for developers to work with and troubleshoot the authentication process. To enable the collector, edit app/Config/Toolbar.php and add it to the list of active collectors:

Restricting by Route

If you specify each of your routes within the app/Config/Routes.php file, you can restrict access to users by group/role or permission with Controller Filters.

First, edit application/Config/Filters.php and add the following entries to the aliases property:

Global restrictions

The role and permission filters require additional parameters, but LoginFilter can be used to restrict portions of a site (or the entire site) to any authenticated user. If no logged in user is detected then the filter will redirect users to the login form.

Restrict routes based on their URI pattern by editing app/Config/Filters.php and adding them to the $filters array, e.g.:

Or restrict your entire site by adding the LoginFilter to the $globals array:

Restricting a single route

Any single route can be restricted by adding the filter option to the last parameter in any of the route definition methods:

The filter can be either role or permission, which restricts the route by either group or permission. You must add a comma-separated list of groups or permissions to check the logged in user against.

Restricting Route Groups

In the same way, entire groups of routes can be restricted within the group() method:

Customization

See the Extending documentation.


All versions of myth-auth with dependencies

PHP Build Version
Package Version
Requires php Version ^7.4 || ^8.0
robthree/twofactorauth Version ^1.8
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package blastanders/myth-auth contains the following files

Loading the files please wait ....