Download the PHP package mmdm/sim-auth without Composer

On this page you can find all versions of the php package mmdm/sim-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of mmdm/sim-auth

Informations about the package sim-auth

Simplicity Authentication

A library for authentication.

Install

composer

Or you can simply download zip file from github and extract it, then put file to your project library and use it like other libraries.

Just add line below to autoload files:

and you are good to go.

But Wait

Why rough it when composer is here to help us. Please use composer to enjoy this library ☻

Architecture

This library is mostly for role-based and resource-based architecture together. Look at below information:

Collation:

It should be utf8mb4_unicode_ci because it is a very nice collation. For more information about differences between utf8 and utf8mb4 in general and unicode please see this link from stackoverflow

Note: Please use utf8mb4 collations.

Table:

Table Relations:

How to use

First of all you need a PDO connection like below:

[Optionally] Second you need two keys to protect stored credentials. These two keys should be two base64 coded strings. Just generate two passwords and encode them to base64 strings. For more info about these two keys see this link

Available Connections

Shared Methods

AbstractBaseAuth

All connections have below methods:

$pdo_instance: Argument is PDO connection that explained above.

$config: To change the Architecture mentioned above, you can pass and array to change the config or null for default behavior.

setConfig(array $config, bool $merge_config = false)

With this method you can change Architecture signatures. If you need to merge default configuration and passed configuration, you can pass true as seconds parameter.

runConfig()

The configuration can build internally by library. Thi function parse the configuration of library.

Note: If you build tables from configuration by yourself, there is no need to call this method, but please before any table creation, call this method to make your tables.

addResources(array $resources)

Add some resources to database.

$resources array has following structure:

removeResources(array $resources)

Remove some resources from database.

Note: $resources should be array of resources' name or resources' id.

hasResource($resource): bool

Check if a resource is exists or not.

Note: $resources should be array of resources' name or resources' id.

getResources(): array

Get all resources.

Note: It returns all columns of resources table.

getResourcesNames(): array

Get all resources name column.

addRoles(array $roles)

Add some roles to database.

$roles array has following structure:

removeRoles(array $roles)

Remove some roles from database.

Note: $roles should be array of roles' name or roles' id.

hasRole(string $role): bool

Check if a role is exists or not. You must pass the role name as parameter. It is because of convenient to use constants as roles' names.

getRoles(): array

Get all roles.

Note: It returns all columns of roles table.

getAdminRoles(): array

Get all admin roles.

Note: It returns all columns of roles table.

getRolesName(): array

Get all roles name column.

getAdminRolesName(): array

Get all admin's roles name column.

allowRole($resource, array $permission, $role)

Make a role to allow a resource with a specific permission.

Note: You can pass resource's name or id.

Note: You can pass role's name or id.

disallowRole($resource, array $permission, $role)

Make a role to disallow a resource with a specific permission.

Note: You can pass resource's name or id.

Note: You can pass role's name or id.

AbstractAuth

Some connections (that will say in each connection) have below methods:

$pdo_instance: See constructor of AbstractBaseAuth.

$namespace: You can specify a namespace to separate each logic of your application. For example a home namespace for users login and an admin namespace for administrators logic.

$crypt_keys: To protect your cookies and sessions information, you can specify two keys on below structure:

If you don't need any encryption (that is not suggested), you can pass an empty array as value of the parameter.

$storage_type: The storage type tell authentication library to store needed information in where. There are three types of storage:

(They are available under Sim\Auth\Interfaces namespace)

$config: See constructor of AbstractBaseAuth.

getStatus(): int

There are four types of status for better management of authentication:

(They are available under Sim\Auth\Interfaces namespace)

isLoggedIn(): bool

Check if a user is logged in or not.

isExpired(): bool

Check if a user's session/cookie is expired or not.

isSuspended(): bool

Check if a user's session/cookie is suspended or not.

isNone(): bool

Check if there is no status (if status is none or not).

extendSuspendTime()

If it need to extend suspend time to start over the time, this method helps.

setExpiration($timestamp)

Set expiration time for user's login.

Note: Just enter the amount of time you need from now in seconds like 300.

Note: Also can pass string time like [+5 days]

getExpiration(): int

Get login expiration time.

Note: Default expiration time is 31536000 seconds that is 1 year.

setSuspendTime($timestamp)

Set suspend time for user's login.

Note: Just enter the amount of time you need from now in seconds like 300.

Note: Also can pass string time like [+5 days]

getSuspendTime(): int

Get login suspend time.

Note: Default suspend time is 1800 seconds that is 30 minutes.

setStorageType(int $type)

Set storage type of storing data. Storage types are explained above.

getStorageType(): int

Get storage type for storing data.

Note: Default storage type is IAuth::STORAGE_DB.

setNamespace(string $namespace)

Set namespace to separate your logic.

getNamespace(): string

Get current namespace.

Note: Default namespace is default.

loginWithID(int $id)

Make a login with user's id.

resume()

If there were a login before, it resumes that login.

logout()

Make user logout and delete and destroy any stored data.

getSessionUUID($username = null): array

Get a user's UUIDs.

Note: It only works with [IAuth::STORAGE_DB] otherwise it'll not work.

Note: You can pass user's username or id to get UUIDs or pass null or nothing to get current user's UUIDs.

destroySession(string $session_uuid): bool

Destroy a UUID session from database.

Note: It only works with [IAuth::STORAGE_DB] otherwise it'll not work.

getCurrentUser(): ?array

Get current user's credentials.

isAllow($resource, int $permission, $username = null): bool

Check if a user is allow to have a permission to a specific resource or not.

Note: You can pass resource's name or id.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

Permissions are one of below:

(They are available under Sim\Auth\Interfaces namespace)

allowUser($resource, array $permission, $username = null)

Make a user to allow a resource with a specific permission.

Note: You can pass resource's name or id.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

disallowUser($resource, array $permission, $username = null)

Make a user to disallow a resource with a specific permission.

Note: You can pass resource's name or id.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

getUserRole($username): array

Get a user's roles.

Note: You can pass user's username or id.

getCurrentUserRole(): array

Get current user's roles.

userHasRole($role, $username = null): bool

Check user has a specific role

Note: You can pass user's username or id.

addRoleToUser(array $role, $username = null)

Add some roles to a user.

Note: You should pass an array of roles' name.

Note: You can pass user's username or id to add role to or pass null or nothing to add roles to current user.

isAdmin($username = null): bool

Check if a user is admin or not.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

quoteSingleName(string $name): string

Quote a column or table name or anything that needed to quote.

Note: It is tested with mysql but not with sql server.

Usage of each connection

DBAuth

Contains all of AbstractAuth and below extra information.

$pdo_instance: See constructor of AbstractAuth.

$namespace: See constructor of AbstractAuth.

$crypt_keys: See constructor of AbstractAuth.

$algo: Algorithm to verify the password. It could be one of PASSWORD_DEFAULT or PASSWORD_BCRYPT to verify with password_verify function or other strings to verify with hash function.

$storage_type: See constructor of AbstractAuth.

$config: See constructor of AbstractAuth.

login(array $credentials, string $extra_query = null, array $bind_values = [])

$credentials should be like below structure:

If there are more conditions to check for a user, you can pass them by $extra_query parameter and it MUST be parameterized.

Note: You should know that the login will check inside of a joined tables of users and roles. So if there is a condition, it's better to have the table's name before any column.

Note: You should quote your columns by yourself or use quoteSingleName that explained above.

Note: To get the error of login, put it in try, catch block.

loginWithUsername(string $username, string $extra_query = null, array $bind_values = [])

If there are more conditions to check for a user, you can pass them by $extra_query parameter and it MUST be parameterized.

Note: You should know that the login will check inside of a joined tables of users and roles. So if there is a condition, it's better to have the table's name before any column.

Note: You should quote your columns by yourself or use quoteSingleName that explained before.

Note: To get the error of login, put it in try, catch block.

AbstractAPIAuth

Contains all of AbstractBaseAuth.

$pdo_instance: See constructor of AbstractBaseAuth.

$config: See constructor of AbstractBaseAuth.

isAllow($resource, int $permission, $username = null): bool

Check if a user is allow to have a permission to a specific resource or not.

Note: You can pass resource's name or id.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

Permissions are one of below:

(They are available under Sim\Auth\Interfaces namespace)

getUserRole($username): array

Get a user's roles.

Note: You can pass user's username or id.

getCurrentUserRole(): array

Get current user's roles.

addRoleToUser(array $roles, $username = null)

Add some roles to a user.

Note: You should pass an array of roles' name.

Note: You can pass user's username or id to add role to or pass null or nothing to add roles to current user.

isAdmin($username = null): bool

Check if a user is admin or not.

Note: You can pass user's username or id to check or pass null or nothing to check for current user.

APIAuth

Contains all of AbstractAPIAuth and below extra information.

validate(array $credentials, string $extra_query = null, array $bind_values = []): bool

$credentials should be like below structure:

If there are more conditions to check for a user, you can pass them by $extra_query parameter and it MUST be parameterized.

Note: You should know that the verify will check inside of a joined tables of api_keys and roles. So if there is a condition, it's better to have the table's name before any column.

Note: You should quote your columns by yourself or use quoteSingleName that explained before.

Note: To get the error of validateAPI, put it in try, catch block.

validateAPI(string $api_key, string $extra_query = null, array $bind_values = []): bool

If there are more conditions to check for a user, you can pass them by $extra_query parameter and it MUST be parameterized.

Note: You should know that the verify will check inside of a joined tables of api_keys and roles. So if there is a condition, it's better to have the table's name before any column.

Note: You should quote your columns by yourself or use quoteSingleName that explained before.

Note: To get the error of validate, put it in try, catch block.

Dependencies

There is some dependencies here including:

Crypt library. With this feature, if any session/cookie hijacking happens, they can't see actual data because it is encrypted.

Cookie library to manipulate cookies.

Session library to manipulate sessions.

Agent library to get user's device and browser information to store in sessions table

And some dependency from Agent library.

License

Under MIT license.

All versions of sim-auth with dependencies

PHP Build Version
Package Version
Requires php Version >=7.2
ext-pdo Version *
ext-json Version *
ext-openssl Version *
mmdm/sim-session Version ^1.0
mmdm/sim-cookie Version ^3.0
jenssegers/agent Version ^2.6
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mmdm/sim-auth contains the following files

Loading the files please wait ....