Download the PHP package ride/lib-security without Composer

On this page you can find all versions of the php package ride/lib-security. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package lib-security

Ride: Security Library

Security abstraction library of the PHP Ride framework.

This library implements a role-based access control. Read more about this on Wikipedia.

What's In This Library

SecurityModel

The SecurityModel interface is the facade to the data source of the security implementation. It provides users, roles and permissions.

User

The User interface represents a user which can identify him or herself to the application. You can attach roles to the user to grant him or her access to specific parts of the application. The User interface is implemented by the security model.

Role

The Role interface represents a specific set of allowed actions through granted permissions and allowed paths. By attaching a role to a user, you grant the user access to specific parts of the application. The Role interface is implemented by the security model.

Permission

The Permission interface is used to grant or deny a single action.

To secure a part of your application, you should always check for a granted permission in the application code. Don't check if the current user is a specific user, or if the current user has a specific role. You will work against the flexibility of the security model.

The Permission interface is implemented by the security model.

Authenticator

The Authenticator interface decides the mechanism of authentication and keeps the state of the current user.

GenericAuthenticator

The GenericAuthenticator offers a default or generic implementation of the authenticator.

You can turn on unique sessions. This feature is used when a user performs a login from another client, the original client will be logged out.

It also supports the switch user functionality.

ChainAuthenticator

You can use the ChainAuthenticator to chain different authenticators together. Use this to offer different authentication mechanisms simultaneously.

PathMatcher

The PathMatcher has the responsibility to match path regular expressions, or rules, to a provided path and method.

GenericPathMatcher

The GenericPathMatcher offers a default or generic implementation of the path matcher.

There are 3 special tokens which you can use in a rule:

Optionally, you can define one or multiple methods between square brackets.

All rules will be checked and it will happen in the sequence they are provided. This is needed for the not function.

For example, assume the following rules:

These rules will match all requests starting with /admin and /sites except a GET request for the content of every page of my-site.

Voter

The Voter interface is used to check granted permissions and allowed paths.

ModelVoter

The ModelVoter performs it's checks against the security model. It uses the current user and it's roles to obtain granted permissions and allowed paths.

ChainVoter

The ChainVoter is used to combine different voters in a chain. This can be used to catch special cases or some exotic edge case.

You have 3 different strategies:

SecurityManager

The SecurityManager class is the facade to this library. It glues the other components together to an easy to use interface. Use an instance of this class to handle your security.

Code Sample

Check this code sample to see some possibilities of this library:

Note: some classes used in this example are taken from from ride/lib-security-generic, ride/web-security or ride/web-security-generic.

Implementations

For more examples, you can check the following implementations of this library:

Installation

You can use Composer to install this library.


All versions of lib-security with dependencies

PHP Build Version
Package Version
Requires ride/lib-encryption Version ^1.0.0
ride/lib-event Version ^1.0.0
ride/lib-http Version ^1.0.0
ride/lib-log Version ^1.0.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package ride/lib-security contains the following files

Loading the files please wait ....