Download the PHP package jkauflin/jjklogin without Composer

On this page you can find all versions of the php package jkauflin/jjklogin. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of jkauflin/jjklogin

Informations about the package jjklogin

jjklogin

jjklogin is a PHP JWT based project to add user authentication for SPA type web apps.
It provides library classes and UI for:

As well as a Custom Event to access:

Dependencies

To use this project there must be a hosted web application on a server that supports PHP, MySQL/MariaDB, and Composer/Packagist.
Internally it uses CDN includes for Bootstrap

Installation

  1. Add the following dependencies to composer.json to pull in the package from packagist.org

  2. Include the following javascript file in your web page

  3. Use the vendor/jkauflin/jjklogin/createUsersTable.sql to create a users and a jjkloginSettings table in a MySQL database

  4. Copy the vendor/jkauflin/jjklogin/jjkloginSettings.php settings file into an external_includes folder that is on the same level as the public_html of the web app (i.e. parent folder of the web outside of public access), and adjust the settings for the web app, email, keys, and database access

Usage

HTML page usage

After including the jjklogin.js in a web page, include a link with an id of login to re-direct to the project page for authentication functions:

<a class="nav-link" id="login" href="#" role="button">login</a>

It could be included in a Bootstrap navigation list:

<li class="nav-item"><a class="nav-link" id="login" href="#" role="button">login</a></li>

Javascript (Login Authentication Event)

An Event for the user login authentication is available. Simply include the following element in the HTML:

<div id="jjkloginEventElement" class="float-end"></div>

Then you can add the following javascript to respond to the authentication event:

var userName = ""
var userLevel = 0
var jjkloginEventElement = document.getElementById("jjkloginEventElement")
jjkloginEventElement.innerHTML = 'User not logged in'

jjkloginEventElement.addEventListener('userJJKLoginAuth', function (event) {
    userName = event.detail.userName
    userLevel = event.detail.userLevel
    jjkloginEventElement.innerHTML = 'Logged in as ' + userName
});

PHP usage

The javascript variable is helpful for adjusting the display but additional security checks should be done in any PHP files doing service work. The PHP should get the UserRec directly and check authentication and user level before allowing functions. Here is an example of code that can be used in the PHP to throw an exception if the user is not authorized:

$userRec = LoginAuth::getUserRec($cookieName,$cookiePath,$serverKey);
if ($userRec->userName == null || $userRec->userName == '') {
    throw new Exception('User is NOT logged in', 500);
}
if ($userRec->userLevel < 1) {
    throw new Exception('User is NOT authorized (contact Administrator)', 500);
}

Security

This project uses firebase/php-jwt to encode and decode JSON Web Tokens (JWT) in PHP, conforming to RFC 7519. Look in the src/LoginAuth.php class to see how this project securely uses cookies to store the JWT tokens, including:

Registration and Password Set is done via confirmed Email links with registration tokens, and Passwords are encrypted with the newest PHP password_hash function

User authorization and level should be checked before allowing any service functions (see PHP usage above). DO NOT count on the javascript userRec variable, use the direct PHP lookup to get the UserRec from the cookie to double-check authorization before allowing any function

If you feel these measures still have vulnerabilities, please do not use this project

All versions of jjklogin with dependencies

PHP Build Version
Package Version
Requires php Version >=8.0.0
symfony/mailer Version ^6.1
firebase/php-jwt Version ^6.4.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package jkauflin/jjklogin contains the following files

Loading the files please wait ....