PHP code example of gotzmann / auth

1. Go to this page and download the library: Download gotzmann/auth library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php. 
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

gotzmann / auth example snippets


     

// $db = new \PDO('mysql:dbname=my-database;host=localhost;charset=utf8mb4', 'my-username', 'my-password');
// or
// $db = new \PDO('pgsql:dbname=my-database;host=localhost;port=5432', 'my-username', 'my-password');
// or
// $db = new \PDO('sqlite:../Databases/my-database.sqlite');

$auth = new \Comet\Auth($db, $session, $params);


try {
    $userId = $auth->register($_POST['email'], $_POST['password'], $_POST['username'], function ($selector, $token) {
        echo 'Send ' . $selector . ' and ' . $token . ' to the user (e.g. via email)';
    });

    echo 'We have signed up a new user with the ID ' . $userId;
}
catch (\Comet\InvalidEmailException $e) {
    die('Invalid email address');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password');
}
catch (\Comet\UserAlreadyExistsException $e) {
    die('User already exists');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


if (\preg_match('/[\x00-\x1f\x7f\/:\\\\]/', $username) === 0) {
    // ...
}


$url = 'https://www.example.com/verify_email?selector=' . \urlencode($selector) . '&token=' . \urlencode($token);


try {
    $auth->login($_POST['email'], $_POST['password']);

    echo 'User is logged in';
}
catch (\Comet\InvalidEmailException $e) {
    die('Wrong email address');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Wrong password');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Email not verified');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


try {
    $auth->confirmEmail($_GET['selector'], $_GET['token']);

    echo 'Email address has been verified';
}
catch (\Comet\InvalidSelectorTokenPairException $e) {
    die('Invalid token');
}
catch (\Comet\TokenExpiredException $e) {
    die('Token expired');
}
catch (\Comet\UserAlreadyExistsException $e) {
    die('Email address already exists');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


try {
    $auth->forgotPassword($_POST['email'], function ($selector, $token) {
        echo 'Send ' . $selector . ' and ' . $token . ' to the user (e.g. via email)';
    });

    echo 'Request has been generated';
}
catch (\Comet\InvalidEmailException $e) {
    die('Invalid email address');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Email not verified');
}
catch (\Comet\ResetDisabledException $e) {
    die('Password reset is disabled');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


$url = 'https://www.example.com/reset_password?selector=' . \urlencode($selector) . '&token=' . \urlencode($token);


try {
    $auth->canResetPasswordOrThrow($_GET['selector'], $_GET['token']);

    echo 'Put the selector into a "hidden" field (or keep it in the URL)';
    echo 'Put the token into a "hidden" field (or keep it in the URL)';

    echo 'Ask the user for their new password';
}
catch (\Comet\InvalidSelectorTokenPairException $e) {
    die('Invalid token');
}
catch (\Comet\TokenExpiredException $e) {
    die('Token expired');
}
catch (\Comet\ResetDisabledException $e) {
    die('Password reset is disabled');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


if ($auth->canResetPassword($_GET['selector'], $_GET['token'])) {
    echo 'Put the selector into a "hidden" field (or keep it in the URL)';
    echo 'Put the token into a "hidden" field (or keep it in the URL)';

    echo 'Ask the user for their new password';
}


try {
    $auth->resetPassword($_POST['selector'], $_POST['token'], $_POST['password']);

    echo 'Password has been reset';
}
catch (\Comet\InvalidSelectorTokenPairException $e) {
    die('Invalid token');
}
catch (\Comet\TokenExpiredException $e) {
    die('Token expired');
}
catch (\Comet\ResetDisabledException $e) {
    die('Password reset is disabled');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


try {
    $auth->changePassword($_POST['oldPassword'], $_POST['newPassword']);

    echo 'Password has been changed';
}
catch (\Comet\NotLoggedInException $e) {
    die('Not logged in');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password(s)');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


try {
    if ($auth->reconfirmPassword($_POST['password'])) {
        $auth->changeEmail($_POST['newEmail'], function ($selector, $token) {
            echo 'Send ' . $selector . ' and ' . $token . ' to the user (e.g. via email to the *new* address)';
        });

        echo 'The change will take effect as soon as the new email address has been confirmed';
    }
    else {
        echo 'We can\'t say if the user is who they claim to be';
    }
}
catch (\Comet\InvalidEmailException $e) {
    die('Invalid email address');
}
catch (\Comet\UserAlreadyExistsException $e) {
    die('Email address already exists');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Account not verified');
}
catch (\Comet\NotLoggedInException $e) {
    die('Not logged in');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


$url = 'https://www.example.com/verify_email?selector=' . \urlencode($selector) . '&token=' . \urlencode($token);


try {
    $auth->resendConfirmationForEmail($_POST['email'], function ($selector, $token) {
        echo 'Send ' . $selector . ' and ' . $token . ' to the user (e.g. via email)';
    });

    echo 'The user may now respond to the confirmation request (usually by clicking a link)';
}
catch (\Comet\ConfirmationRequestNotFound $e) {
    die('No earlier request found that could be re-sent');
}
catch (\Comet\TooManyRequestsException $e) {
    die('There have been too many requests -- try again later');
}


try {
    $auth->resendConfirmationForUserId($_POST['userId'], function ($selector, $token) {
        echo 'Send ' . $selector . ' and ' . $token . ' to the user (e.g. via email)';
    });

    echo 'The user may now respond to the confirmation request (usually by clicking a link)';
}
catch (\Comet\ConfirmationRequestNotFound $e) {
    die('No earlier request found that could be re-sent');
}
catch (\Comet\TooManyRequestsException $e) {
    die('There have been too many requests -- try again later');
}


$url = 'https://www.example.com/verify_email?selector=' . \urlencode($selector) . '&token=' . \urlencode($token);


$auth->logOut();

// or

try {
    $auth->logOutEverywhereElse();
}
catch (\Comet\NotLoggedInException $e) {
    die('Not logged in');
}

// or

try {
    $auth->logOutEverywhere();
}
catch (\Comet\NotLoggedInException $e) {
    die('Not logged in');
}


$auth->destroySession();


if ($auth->isLoggedIn()) {
    echo 'User is signed in';
}
else {
    echo 'User is not signed in yet';
}


$id = $auth->getUserId();


$email = $auth->getEmail();


$username = $auth->getUsername();


if ($auth->isNormal()) {
    echo 'User is in default state';
}

if ($auth->isArchived()) {
    echo 'User has been archived';
}

if ($auth->isBanned()) {
    echo 'User has been banned';
}

if ($auth->isLocked()) {
    echo 'User has been locked';
}

if ($auth->isPendingReview()) {
    echo 'User is pending review';
}

if ($auth->isSuspended()) {
    echo 'User has been suspended';
}


if ($auth->isRemembered()) {
    echo 'User did not sign in but was logged in through their long-lived cookie';
}
else {
    echo 'User signed in manually';
}


$ip = $auth->getIpAddress();


    function getUserInfo(\Comet\Auth $auth) {
        if (!$auth->isLoggedIn()) {
            return null;
        }

        if (!isset($_SESSION['_internal_user_info'])) {
            // TODO: load your custom user information and assign it to the session variable below
            // $_SESSION['_internal_user_info'] = ...
        }

        return $_SESSION['_internal_user_info'];
    }
    

try {
    if ($auth->reconfirmPassword($_POST['password'])) {
        echo 'The user really seems to be who they claim to be';
    }
    else {
        echo 'We can\'t say if the user is who they claim to be';
    }
}
catch (\Comet\NotLoggedInException $e) {
    die('The user is not signed in');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


if ($auth->hasRole(\Comet\Role::SUPER_MODERATOR)) {
    echo 'The user is a super moderator';
}

// or

if ($auth->hasAnyRole(\Comet\Role::DEVELOPER, \Comet\Auth\Role::MANAGER)) {
    echo 'The user is either a developer, or a manager, or both';
}

// or

if ($auth->hasAllRoles(\Comet\Role::DEVELOPER, \Comet\Auth\Role::MANAGER)) {
    echo 'The user is both a developer and a manager';
}


$auth->getRoles();


\Comet\Role::ADMIN;
\Comet\Role::AUTHOR;
\Comet\Role::COLLABORATOR;
\Comet\Role::CONSULTANT;
\Comet\Role::CONSUMER;
\Comet\Role::CONTRIBUTOR;
\Comet\Role::COORDINATOR;
\Comet\Role::CREATOR;
\Comet\Role::DEVELOPER;
\Comet\Role::DIRECTOR;
\Comet\Role::EDITOR;
\Comet\Role::EMPLOYEE;
\Comet\Role::MAINTAINER;
\Comet\Role::MANAGER;
\Comet\Role::MODERATOR;
\Comet\Role::PUBLISHER;
\Comet\Role::REVIEWER;
\Comet\Role::SUBSCRIBER;
\Comet\Role::SUPER_ADMIN;
\Comet\Role::SUPER_EDITOR;
\Comet\Role::SUPER_MODERATOR;
\Comet\Role::TRANSLATOR;


\Comet\Role::getMap();
// or
\Comet\Role::getNames();
// or
\Comet\Role::getValues();


function canEditArticle(\Comet\Auth\Auth $auth) {
    return $auth->hasAnyRole(
        \Comet\Role::MODERATOR,
        \Comet\Role::SUPER_MODERATOR,
        \Comet\Role::ADMIN,
        \Comet\Role::SUPER_ADMIN
    );
}

// ...

if (canEditArticle($auth)) {
    echo 'The user can edit articles here';
}

// ...

if (canEditArticle($auth)) {
    echo '... and here';
}

// ...

if (canEditArticle($auth)) {
    echo '... and here';
}


namespace My\Namespace;

final class MyRole {

    const CUSTOMER_SERVICE_AGENT = \Comet\Role::REVIEWER;
    const FINANCIAL_DIRECTOR = \Comet\Role::COORDINATOR;

    private function __construct() {}

}


\My\Namespace\MyRole::CUSTOMER_SERVICE_AGENT;
// and
\My\Namespace\MyRole::FINANCIAL_DIRECTOR;


\Comet\Role::REVIEWER;
// and
\Comet\Role::COORDINATOR;


try {
    if ($auth->reconfirmPassword($_POST['password'])) {
        $auth->setPasswordResetEnabled($_POST['enabled'] == 1);

        echo 'The setting has been changed';
    }
    else {
        echo 'We can\'t say if the user is who they claim to be';
    }
}
catch (\Comet\NotLoggedInException $e) {
    die('The user is not signed in');
}
catch (\Comet\TooManyRequestsException $e) {
    die('Too many requests');
}


$auth->isPasswordResetEnabled();


try {
    // throttle the specified resource or feature to *3* requests per *60* seconds
    $auth->throttle([ 'my-resource-name' ], 3, 60);

    echo 'Do something with the resource or feature';
}
catch (\Comet\TooManyRequestsException $e) {
    // operation cancelled

    \http_response_code(429);
    exit;
}


[ 'my-resource-name', $_SERVER['REMOTE_ADDR'] ]
// instead of
// [ 'my-resource-name' ]


try {
    $userId = $auth->admin()->createUser($_POST['email'], $_POST['password'], $_POST['username']);

    echo 'We have signed up a new user with the ID ' . $userId;
}
catch (\Comet\InvalidEmailException $e) {
    die('Invalid email address');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password');
}
catch (\Comet\UserAlreadyExistsException $e) {
    die('User already exists');
}


try {
    $auth->admin()->deleteUserById($_POST['id']);
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown ID');
}


try {
    $auth->admin()->deleteUserByEmail($_POST['email']);
}
catch (\Comet\InvalidEmailException $e) {
    die('Unknown email address');
}


try {
    $auth->admin()->deleteUserByUsername($_POST['username']);
}
catch (\Comet\UnknownUsernameException $e) {
    die('Unknown username');
}
catch (\Comet\AmbiguousUsernameException $e) {
    die('Ambiguous username');
}


try {
    $auth->admin()->addRoleForUserById($userId, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown user ID');
}

// or

try {
    $auth->admin()->addRoleForUserByEmail($userEmail, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\InvalidEmailException $e) {
    die('Unknown email address');
}

// or

try {
    $auth->admin()->addRoleForUserByUsername($username, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\UnknownUsernameException $e) {
    die('Unknown username');
}
catch (\Comet\AmbiguousUsernameException $e) {
    die('Ambiguous username');
}


try {
    $auth->admin()->removeRoleForUserById($userId, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown user ID');
}

// or

try {
    $auth->admin()->removeRoleForUserByEmail($userEmail, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\InvalidEmailException $e) {
    die('Unknown email address');
}

// or

try {
    $auth->admin()->removeRoleForUserByUsername($username, \Comet\Auth\Role::ADMIN);
}
catch (\Comet\UnknownUsernameException $e) {
    die('Unknown username');
}
catch (\Comet\AmbiguousUsernameException $e) {
    die('Ambiguous username');
}


try {
    if ($auth->admin()->doesUserHaveRole($userId, \Comet\Role::ADMIN)) {
        echo 'The specified user is an administrator';
    }
    else {
        echo 'The specified user is not an administrator';
    }
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown user ID');
}


$auth->admin()->getRolesForUserById($userId);


try {
    $auth->admin()->logInAsUserById($_POST['id']);
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown ID');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Email address not verified');
}

// or

try {
    $auth->admin()->logInAsUserByEmail($_POST['email']);
}
catch (\Comet\InvalidEmailException $e) {
    die('Unknown email address');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Email address not verified');
}

// or

try {
    $auth->admin()->logInAsUserByUsername($_POST['username']);
}
catch (\Comet\UnknownUsernameException $e) {
    die('Unknown username');
}
catch (\Comet\AmbiguousUsernameException $e) {
    die('Ambiguous username');
}
catch (\Comet\EmailNotVerifiedException $e) {
    die('Email address not verified');
}


try {
    $auth->admin()->changePasswordForUserById($_POST['id'], $_POST['newPassword']);
}
catch (\Comet\UnknownIdException $e) {
    die('Unknown ID');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password');
}

// or

try {
    $auth->admin()->changePasswordForUserByUsername($_POST['username'], $_POST['newPassword']);
}
catch (\Comet\UnknownUsernameException $e) {
    die('Unknown username');
}
catch (\Comet\AmbiguousUsernameException $e) {
    die('Ambiguous username');
}
catch (\Comet\InvalidPasswordException $e) {
    die('Invalid password');
}


\session_name();


\Comet\Auth::createRememberCookieName();


   \ini_set('session.name', 'session_v1');
   

   \session_name('session_v1');
   

   \ini_set('session.cookie_domain', 'example.com');
   

   \ini_set('session.cookie_path', '/');
   

   \ini_set('session.cookie_httponly', 1);
   

   \ini_set('session.cookie_secure', 1);
   

$length = 24;
$randomStr = \Comet\Auth::createRandomString($length);


$uuid = \Comet\Auth::createUuid();


function isPasswordAllowed($password) {
    if (\strlen($password) < 8) {
        return false;
    }

    $blacklist = [ 'password1', '123456', 'qwerty' ];

    if (\in_array($password, $blacklist)) {
        return false;
    }

    return true;
}

if (isPasswordAllowed($password)) {
    $auth->register($email, $password);
}


\header_remove('X-Frame-Options');