Download the PHP package prokki/htpasswd without Composer
On this page you can find all versions of the php package prokki/htpasswd. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package htpasswd
Htpasswd
This symfony user provider reads user from the htpasswd file.
To use the a htpasswd file you need to execute following three steps:
- Run composer to install the bundle,
- configure your security configuration and
- create a htpasswd password storage file.
All available password formats of the basic authentication are supported: apr1-md5, bcrypt, crypt, sha1 and plain text - see
http://httpd.apache.org/docs/current/misc/password_encryptions.html.
Table of Contents
- Requirements
- Integration & Basic Usage
- Installation
- Symfony Configuration
- Add Htpasswd File
- Advanced Usage & Configuration
- Change Location of Your Htpasswd File
- Change Default User Roles
- User Roles Inside Htpasswd File
- Credits
Requirements
The usage of PHP ≥ v8.0.2 and Symfony ≥ 6 is recommend.
Integration & Basic Usage
Installation
Please install via composer.
The bundle will be automatically added to your bundles.yaml configuration.
Symfony v4, Symfony v5
PHP v7.2 and Symfony 4 is obligatory.
To use an older version of Symfony/PHP please use version 0.*
Symfony Configuration
To enable the functionality you have to change your security configuration manually.
- Enable the provider HtpasswdUserProvider
and the encoder HtpasswdEncoder
in your security configuraton, i.e. in your
%kernel.project_dir%/config/security.yamlfile.- To enable http basic authentication add the
http_basicauthentication method to the firewall configuration. - Additionally be sure to enable access_control for at least one path.
- To enable http basic authentication add the
security.yaml:
Feel free to use the full flexibility of the Symfoniy security layer which means i.e. you can
- chain firewalls,
- add other providers and encoders,
- restrict basic authentication to certain paths only
- etc.
Add Htpasswd File
Create your custom htpasswd file using the htpasswd command in the project directory of your project.
Hint: Usually the command is installed automatically if you run an apache web server, i.e. if you use
xampp or your package management system.
On linux systems the command is mostly provided by the package apache2-utils.
Create a htpasswd file in your project directory. Call the following command and type in your password:
A new file was created in your project:
:warning: For safety reasons we suggest to not include the htpasswd file in your repository!
Advanced Usage & Configuration
You are not really able to change the configuration of the bundle, but at least you can customize the location of your htpasswd file and the default user roles.
In both cases you have to create a new configuratio file htpasswd.yaml for the bundle:
The default content of the file should look like following. If you just insert these configuration, the bundle works with default settings.
Change Location of Your Htpasswd File
It is possible to change the default location by changing the path variable.
This is useful if you use your htpasswd file in other projects or if you set up a basic authentication additionally via your apache2 configuration.
Change Default User Roles
The default user role assigned to each user
(included by the HtpasswdUserProvider)
is ROLE_USER.
To change the default user roles, adapt the roles variable in the configuration:
If you change the roles config parameter, be sure to include all roles which are necessary.
There is no process to add another default user role.
Additionally please take care, that the roles
- follow the recommendations of symfony user roles and
- match the access_control settings in your
security.yamlfile.
User Roles Inside Htpasswd File
The implementation of the basic authentication allows you to add user roles at the end of each line in the htpasswd file.
Similar to overwriting the user roles by configuration, be sure to
- follow the recommendations of symfony user roles and
- match the access_control settings in your
security.yamlfile.
The user roles are a comma-separated list which are separated from the origin line by a colon. Example:
:warning: This feature is probably not supported by all platforms!
Content of a well-structured htpasswd file:
Content of a htpasswd file with additional user roles:
Credits
A big thank you to https://github.com/whitehat101 for the implementation of the apr1-md5 algorithm.
All versions of htpasswd with dependencies
symfony/config Version ^6.0
symfony/dependency-injection Version ^6.0
symfony/http-kernel Version ^6.0
symfony/password-hasher Version ^6.0
symfony/security-core Version ^6.0
whitehat101/apr1-md5 Version ^1.0