PHP download

Download the PHP package lm-commons/lmc-user without Composer

On this page you can find all versions of the php package lm-commons/lmc-user. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download lm-commons/lmc-user
More information about lm-commons/lmc-user
Files in lm-commons/lmc-user

Vendor lm-commons
Package lmc-user
Short Description A generic user registration and authentication module for Laminas. Supports Laminas\Db and Doctrine2.
License BSD-3-Clause
Homepage https://github.com/LM-Commons/LmcUser

Keywords laminas

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of lm-commons/lmc-user

Informations about the package lmc-user

LmcUser

Based on ZfcUser by Evan Coury and the ZF-Commons team

Introduction

LmcUser is a user registration and authentication module for Laminas. LmcUser provides the foundations for adding user authentication and registration to your Laminas site. It is designed to be very simple and easy to extend.

More information and examples are available on the LmcUser Wiki

Requirements

Laminas (latest master)

Features / Goals

Authenticate via username, email, or both (can opt out of the concept of username and use strictly email) [COMPLETE]
User registration [COMPLETE]
Forms protected against CSRF [COMPLETE]
Out-of-the-box support for Doctrine2 and Laminas\Db [COMPLETE]
Robust event system to allow for extending [COMPLETE]
Provide ActionController plugin and view helper [COMPLETE]

Installation

Main Setup

With composer

Add this project in your composer.json:
Now tell composer to download LmcUser by running the command:

Post installation

Enabling it in your application.config.phpfile.

Post-Install: Laminas\Db

If you do not already have a valid Laminas\Db\Adapter\Adapter in your service manager configuration, put the following in ./config/autoload/database.local.php:

Navigate to http://yourproject/user and you should land on a login page.

Migration from ZfcUser

If using Zend DB update table name to lmc_user

Replace all namespace references to ZfcUser to LmcUser

Update references to the lowercase key zfcuser to lmcuser

Password Security

DO NOT CHANGE THE PASSWORD HASH SETTINGS FROM THEIR DEFAULTS unless A) you have done sufficient research and fully understand exactly what you are changing, AND B) you have a very specific reason to deviate from the default settings.

If you are planning on changing the default password hash settings, please read the following:

The password hash settings may be changed at any time without invalidating existing user accounts. Existing user passwords will be re-hashed automatically on their next successful login.

WARNING: Changing the default password hash settings can cause serious problems such as making your hashed passwords more vulnerable to brute force attacks or making hashing so expensive that login and registration is unacceptably slow for users and produces a large burden on your server(s). The default settings provided are a very reasonable balance between the two, suitable for computing power in 2013.

Options

The LmcUser module has some options to allow you to quickly customize the basic functionality. After installing LmcUser, copy ./vendor/lm-commons/lmc-user/config/lmcuser.global.php.dist to ./config/autoload/lmcuser.global.php and change the values as desired.

The following options are available:

user_entity_class - Name of Entity class to use. Useful for using your own entity class instead of the default one provided. Default is LmcUser\Entity\User.
enable_username - Boolean value, enables username field on the registration form. Default is false.
auth_identity_fields - Array value, specifies which fields a user can use as the 'identity' field when logging in. Acceptable values: username, email.
enable_display_name - Boolean value, enables a display name field on the registration form. Default value is false.
enable_registration - Boolean value, Determines if a user should be allowed to register. Default value is true.
login_after_registration - Boolean value, automatically logs the user in after they successfully register. Default value is false.
use_registration_form_captcha - Boolean value, determines if a captcha should be utilized on the user registration form. Default value is true. (Note, right now this only utilizes a weak Laminas\Text\Figlet CAPTCHA, but I have plans to make all Laminas\Captcha adapters work.)
login_form_timeout - Integer value, specify the timeout for the CSRF security field of the login form in seconds. Default value is 300 seconds.
user_form_timeout - Integer value, specify the timeout for the CSRF security field of the registration form in seconds. Default value is 300 seconds.
use_redirect_parameter_if_present - Boolean value, if a redirect GET parameter is specified, the user will be redirected to the specified URL if authentication is successful (if present, a GET parameter will override the login_redirect_route specified below).
login_redirect_route String value, name of a route in the application which the user will be redirected to after a successful login.
logout_redirect_route String value, name of a route in the application which the user will be redirected to after logging out.
password_cost - This should be an integer between 4 and 31. The number represents the base-2 logarithm of the iteration count used for hashing. Default is 10 (about 10 hashes per second on an i5).
enable_user_state - Boolean value, enable user state usage. Should user's state be used in the registration/login process?
default_user_state - Integer value, default user state upon registration. What state user should have upon registration?
allowed_login_states - Array value, states which are allowing user to login. When user tries to login, is his/her state one of the following? Include null if you want user's with no state to login as well.

Changing Registration Captcha Element

NOTICE These instructions are currently out of date.

By default, the user registration uses the Figlet captcha engine. This is because it's the only one that doesn't require API keys. It's possible to change out the captcha engine with DI. For example, to change to Recaptcha, you would add this to one of your configuration files (global.config.php, module.config.php, or a dedicated recaptcha.config.php):

<?php
// ./config/autoload/recaptcha.config.php
return  [
    'di'=>  [
        'instance'=> [
            'alias'=> [
                // OTHER ELEMENTS....
                'recaptcha_element' => \Laminas\Form\Element\Captcha::class,
            ],
            'recaptcha_element' =>  [
                'parameters' => [
                    'spec' => 'captcha',
                    'options'=> [
                        'label'      => '',
                        'required'   => true,
                        'order'      => 500,
                        'captcha'    =>  [
                            'captcha' => 'ReCaptcha',
                            'privkey' => RECAPTCHA_PRIVATE_KEY,
                            'pubkey'  => RECAPTCHA_PUBLIC_KEY,
                        ],
                    ],
                ],
            ],
            \LmcUser\Form\Register::class => [
                'parameters' => [
                    'captcha_element'=>'recaptcha_element',
                ],
            ],
        ],
    ],
];

All versions of lmc-user with dependencies

PHP Build Version

Package Version

Version v3.6.1 Release 14. Mar 2024
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of lmc-user from vendor lm-commons

Requires php Version ^7.3 || ^8.0
laminas/laminas-authentication Version ^2.7
laminas/laminas-crypt Version ^3.0
laminas/laminas-form Version ^3.0
laminas/laminas-inputfilter Version ^2.10
laminas/laminas-loader Version ^2.6
laminas/laminas-modulemanager Version ^2.8
laminas/laminas-mvc Version ^3.0
laminas/laminas-servicemanager Version ^3.0
laminas/laminas-stdlib Version ^3.0
laminas/laminas-validator Version ^2.13
laminas/laminas-db Version ^2.11
laminas/laminas-view Version ^2.11
laminas/laminas-session Version ^2.9
laminas/laminas-http Version ^2.11
laminas/laminas-mvc-plugin-flashmessenger Version ^1.2
laminas/laminas-i18n Version ^2.10
laminas/laminas-mvc-plugin-prg Version ^1.2
laminas/laminas-hydrator Version ^4.1

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package lm-commons/lmc-user contains the following files

Loading the files please wait ....