Download the PHP package dotkernel/dot-authentication-service without Composer

On this page you can find all versions of the php package dotkernel/dot-authentication-service. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package dot-authentication-service

[!IMPORTANT] dot-authentication-service is a wrapper on top of laminas/laminas-authentication

Dynamic JSON Badge

[!CAUTION]

Security-Only Maintenance Mode

This package is considered feature-complete, and is now in security-only maintenance mode.

OSS Lifecycle GitHub license PHP from Packagist (specify version)

dot-authentication-service

Concrete authentication service implementation of \Dot\Authentication\AuthenticationInterface built using laminas-authentication authentication and storage adapters. We advise you to have a quick look at how laminas authentication works, by visiting the documentation

Installation

Run the following command in your project directory

Add the ConfigProvider class to your configuration aggregate, to register the default services.

Usage

You'll usually inject the authentication service into your classes and use its methods, as described by its interface at dot-authentication

When creating the authentication service, you'll have to provide an authentication AdapterInterface and a StorageInterface.

We already provide some default implementations of authentication adapters and storage adapters, with the possibility to write your custom ones.

We also provide a convenient factory class that configures an authentication service based on configuration. Just merge the package's ConfigProvider output to your application config in order to register all the required dependencies.

Authentication adapters

Used by the authentication service to check the credentials against some backend. Can be easily exchanged with various implementations depending on the authentication type or backend type. An \Dot\Authentication\Adapter\AdapterInterface is provided which must be implemented by all adapters. Also, adapters should be registered in the \Dot\Authentication\Adapter\AdapterPluginManager service. More on this in the writing custom adapters section.

The AdapterInterface defines the following methods

This method is optional, it depends on the authentication type if a challenge response is required. It should return a ResponseInterface with status code 401 and a WWW-Authenticate header to indicate authentication is required.

HttpAdapter

This adapter provides HTTP basic and digest authentication. It is built around the laminas-authentication http adapter class. It actually wraps the laminas authentication http adapter, which can be configured by sending in the $config parameter as described by the laminas-authentication official documentation. We'll describe later how to configure an authentication service with such an adapter.

When authenticating, this adapter extracts the credentials from the request's Authorization header.

CallbackCheckAdapter

Use to authenticate request against a MySQL backend. It is called so, because it accepts a callback as one of its parameters, which is called to check the password according to specific needs(md5, bcrypt etc.) It also wraps a laminas-authentication adapter with the same name, so much of its initialization is linked to that adapter. We'll describe later how to configure such an adapter.

This adapter requires that before calling the authentication service's authenticate method, you should manually extract the credentials from your request(POST) and initialize a DbCredentials class with it. It does not make assumptions on where the credentials should be in the request. It searches for a specific attribute instead, which you should add before authenticating. After extracting the credentials into a DbCredentials class, set this as a $request attribute at key DbCredentials::class.

Identity prototype and hydrator

Both these adapters require an identity prototype object and an optional hydrator class(ClassMethods by default) When successfully authenticating, it will hydrate the prototype with the user data and return it inside the AuthenticationResult.

Storage adapters

Used by the authentication service to store the authenticated identity in some kind of persistent storage. All storage adapters must implement the \Dot\Authentication\Storage\StorageInterface interface. This interface extends the \Laminas\Authentication\Storage\StorageInterface. No additional interface methods are defined for now.

Also, storage adapters should be registered in the \Dot\Authentication\Storage\StoragePluginManager.

SessionStorage

It extends the Laminas\Authentication\Storage\Session class, providing the same functionality, with the only difference that on each write call, it will regenerate the session id. This is to prevent session fixation attacks, we renew the session id when user sign in. You can find more details on this storage adapter in laminas-authentication official documentation. We'll also give you an example in the following documentation on how to configure such an adapter.

NonPersistenStorage

It extends the Laminas\Authentication\Storage\NonPersistent class. As its name suggests, it does not store the identity persistently. It will be lost after script finishes running. Useful for API implementations, where authentication is stateless.

Configuring an AuthenticationService

First of all, make sure you merge this package's ConfigProvider output to your application's config. This will add all necessary dependencies to your application, including the convenient factories. Create a separate config file in your config/autoload directory, call it authentication.global.php for example.

authentication.global.php

To define a http basic adapter you can define a configuration as below:


All versions of dot-authentication-service with dependencies

PHP Build Version
Package Version
Requires php Version ~8.1.0 || ~8.2.0 || ~8.3.0
psr/http-message Version ^1.0 || 2.0
laminas/laminas-servicemanager Version ^3.11.2
laminas/laminas-hydrator Version ^4.3.1
dotkernel/dot-authentication Version ^2.1
laminas/laminas-authentication Version 2.16.0
laminas/laminas-db Version ^2.15.0
laminas/laminas-session Version ^2.12.1
laminas/laminas-psr7bridge Version ^1.6.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package dotkernel/dot-authentication-service contains the following files

Loading the files please wait ....