PHP download

Download the PHP package digbang/security without Composer

On this page you can find all versions of the php package digbang/security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download digbang/security
More information about digbang/security
Files in digbang/security

Vendor digbang
Package security
Short Description Security package for Laravel projects in Digbang.
License MIT

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of digbang/security

Informations about the package security

Security

Security package for new laravel projects.

Usage

Add the SecurityServiceProvider to your config/app.php file:

To use this package, you need to define a Context which you need to secure. URLs inside this Context will have access to the SecurityApi configured for them. This way, you may have multiple Contexts running on a single application.

Add as many contexts as you need in a ServiceProvider :: boot() of your own:

And then refer to this context in your routing (as a route middleware):

The Digbang\Security\Contracts\SecurityApi interface gives access to all of this package's functionality. In most cases, it works as a wrapper of the Cartalyst\Sentinel\Sentinel object.

Refer to the documentation in each method to understand its uses.

Users

Basic authentication functionality is accessible directly through the SecurityApi object.

To access the UserRepository object, call $securityApi->users().

Reminders

Reminders are randomly generated codes related to a user, frequently used in reset password cycles.

To access the reminders functionality, use the ReminderRepository with $securityApi->reminders().

Persistences

Persistences are session and cookie tokens generated to persist a logged-in session through time.

To access the persistences functionality, use the PersistenceRepository with $securityApi->persistences().

Checkpoints

Checkpoints are custom logic to be executed every time a login attempt happens. The Security package comes with two checkpoints: Activations and Throttles.

Activations

The Activation checkpoint checks if a user has already activated his account every time he or she logs in. When this check fails, a NotActivatedException is thrown.

To access the activations functionality, use the ActivationRepository with $securityApi->activations().

Throttling

The Throttling checkpoint monitors failed login attempts to prevent DDoS attacks. It logs three different types of attempts, and reacts to each of them differently:

Global attempts: All login attempts inside the configured context will log a global attempt.
IP attempts: Attempts coming from the same IP will be logged to recognize possible attackers.
User attempts: Multiple failed logins to the same user account will be logged to identify a possible victim.

Each type of attempt has two configurations:

Thresholds (int or array): Represents the amount of attempts needed before the system is blocked. An array of qty_attempts => block_time can be used to block access for a given time based on the amount of failed attempts.
Interval (int): Represents the time (in seconds) that the system will block further attempts on this type.

You may change this configurations through the SecurityContextConfiguration object. The defaults are:

To access the throttling functionality, use the ThrottleRepository with $securityApi->throttles().

Roles

Roles group users together and allow an administrator to give (or refuse) access to resources to a group of users.

Roles may be disabled through the SecurityContextConfiguration object if not needed.

To access the roles functionality, use the RoleRepository with $securityApi->roles().

Permissions

Permissions are functionality identifiers that are used to grant or deny access to parts of the system to specific users or roles.

By default, a RoutePermissionRepository object will check available permissions by parsing the routes action array in search of a permission key. This strategy can be changed by implementing a different kind of Digbang\Security\Permissions\PermissionRepository, and changing the SecurityContextConfiguration accordingly.

Permissions may also be disabled through the SecurityContextConfiguration object if not needed.

To access the permissions functionality, use the PermissionRepository with $securityApi->permissions().

Generating URLs

The PermissibleUrlGenerator is an extension of Laravel's UrlGenerator interface. The default implementation, PermissionAwareUrlGenerator, will check if the currently logged-in user has access to the requested url and throw a Digbang\Security\Permissions\PermissionException if he or she does not.

You may access this functionality through the $securityApi->url() method.

Custom objects

The Security package extends the Cartalyst\Sentinel interfaces with more functionality. By default, an implementation of each interface (eg.: Digbang\Security\Users\User) can be found in the same namespace (eg.:Digbang\Security\Users\DefaultUser.)

If you wish to use a custom implementation of any Entity, these are the steps you have to follow:

you must either:
- extend the repository implementation (eg.: Digbang\Security\Users\DoctrineUserRepository) with one of your own
- or you may decide to implement the repository interface (eg.: Digbang\Security\Users\UserRepository) by yourself.
you must implement all the methods in the corresponding interface (eg.: Digbang\Security\Users\User.)
you must configure this in the SecurityContextConfiguration object, as shown above.
you may reuse the entity trait (eg.: Digbang\Security\Users\UserTrait.)
you may reuse the mapping trait (eg.: Digbang\Security\Users\UserMappingTrait.)

All versions of security with dependencies

PHP Build Version

Package Version

Version v6.0.3 Release 29. Jun 2022
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of security from vendor digbang

Requires php Version ^8.0.2
laravel-doctrine/orm Version ^1.8
laravel-doctrine/fluent Version ^1.3
illuminate/support Version ^9.0
illuminate/contracts Version ^9.0
illuminate/events Version ^9.0
illuminate/cookie Version ^9.0
illuminate/routing Version ^9.0
cartalyst/sentinel Version dev-master

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package digbang/security contains the following files

Loading the files please wait ....