1. Go to this page and download the library: Download ride/lib-security library. Choose the download type require.
2. Extract the ZIP file and open the index.php.
3. Add this code to the index.php.
<?php
require_once('vendor/autoload.php');
/* Start to develop here. Best regards https://php-download.com/ */
ride / lib-security example snippets
use ride\library\encryption\hash\GenericHash;
use ride\library\event\EventManager;
use ride\library\http\Request;
use ride\library\security\authenticator\ChainAuthenticator;
use ride\library\security\authenticator\GenericAuthenticator;
use ride\library\security\exception\EmailAuthenticationException;
use ride\library\security\exception\InactiveAuthenticationException;
use ride\library\security\exception\PasswordAuthenticationException;
use ride\library\security\exception\UnauthorizedException;
use ride\library\security\exception\UsernameAuthenticationException;
use ride\library\security\exception\UserNotFoundException;
use ride\library\security\exception\UserSwitchException;
use ride\library\security\matcher\GenericPathMatcher;
use ride\library\security\model\generic\GenericSecurityModel;
use ride\library\security\model\ChainSecurityModel;
use ride\library\security\voter\ChainVoter;
use ride\library\security\voter\ModelVoter;
use ride\library\security\SecurityManager;
use ride\library\system\file\File;
use ride\web\security\authenticator\io\SessionAuthenticatorIO;
use ride\web\security\authenticator\HttpAuthenticator;
function createSecurityManager(EventManager $eventManager, File $fileSecurityModel) {
// first create the default authenticator
$sessionAuthenticatorIO = new SessionAuthenticatorIO(); // used to store values in the session
$salt = 'a-random-string'; // salt for value generation
$timeout = 1800; // time in seconds
$isUnique = false; // allow only 1 client per user at the same time
$genericAuthenticator = new GenericAuthenticator($sessionAuthenticatorIO, $salt, $timeout, $isUnique);
// we use a chain so we can add other implementations like HTTP authentication or OAuth
$chainAuthenticator = new ChainAuthenticator();
$chainAuthenticator->addAuthenticator($genericAuthenticator);
// let's add the HTTP authenticator to the chain (optional)
$realm = 'My Site'; // the title of the login box
$httpAuthenticator = new HttpAuthenticator($sessionAuthenticatorIO, $realm, $eventManager);
$chainAuthenticator->addAuthenticator($httpAuthenticator);
// decide the hash algorithm
$hashAlgorithm = new GenericHash('sha512');
// initialize the voter
$genericPathMatcher = new GenericPathMatcher();
$modelVoter = new ModelVoter($genericPathMatcher);
// again a chain to add other voters if needed
$chainVoter = new ChainVoter();
$chainVoter->addVoter($modelVoter);
// now, we create the security model
// as example we use a file based security model which is good for a small user base.
$xmlSecurityModelIO = new XmlSecurityModelIO($fileSecurityModel);
$genericSecurityModel = new GenericSecurityModel($xmlSecurityModelIO, $eventManager, $hashAlgorithm);
// a chain, you guessed it ...
$chainSecurityModel = new ChainSecurityModel();
$chainSecurityModel->addSecurityModel($genericSecurityModel);
// throw it all together in the security manager
$securityManager = new SecurityManager($chainAuthenticator, $eventManager);
$securityManager->setHashAlgorithm($hashAlgorithm);
$securityManager->setSecurityModel($chainSecurityModel);
$securityManager->setVoter($chainVoter);
return $securityManager;
}
function manageSecurityModel(SecurityManager $securityManager) {
$securityModel = $securityManager->getSecurityModel();
// set the globally secured paths
$securedPaths = array(
'/admin**',
'/sites**',
);
$securityModel->setSecuredPaths($securedPaths);
// create some roles
$administratorRole = $securityModel->createRole();
$administratorRole->setName('Administrator');
$administratorRole->setWeight(99);
$contentManagerRole = $securityModel->createRole();
$contentManagerRole->setName('Content Manager');
$contentManagerRole->setWeight(50);
$securityModel->saveRole($adminstratorRole);
$securityModel->saveRole($contentManagerRole);
// allow paths and grant permissions for the roles
$securityModel->setAllowedPathsToRole($administratorRole, array('**'));
$securityModel->setAllowedPathsToRole($contentManagerRole, array('/sites**'));
$securityModel->setGrantedPermissionsToRole($administratorRole, array('security.switch'));
$securityModel->setGrantedPermissionsToRole($contentManagerRole, array('security.switch'));
// create users
$administratorUser = $securityModel->createUser();
$administratorUser->setUsername('admin');
$administratorUser->setPassword('secure password');
$administratorUser->setIsActive(true);
$contentManagerUser = $securityModel->createUser();
$contentManagerUser->setUsername('cm');
$contentManagerUser->setPassword('secure password');
$contentManagerUser->setIsActive(true);
$securityModel->saveUser($administratorUser);
$securityModel->saveUser($contentManagerUser);
// assign roles to the users
$securityModel->setRolesToUser($administratorUser, array($administratorRole));
$securityModel->setRolesToUser($contentManagerUser, array($contentManagerRole));
// create a super user
$superUser = $securityModel->createUser();
$superUser->setUsername('root');
$superUser->setPassword('secure password');
$superUser->setIsActive(true);
$superUser->setIsSuperUser(true);
$securityModel->saveUser($superUser);
// create a regular user with all properties
$regularUser = $securityModel->createUser();
$regularUser->setDisplayName('John Doe');
$regularUser->setUsername('john');
$regularUser->setPassword('secure password');
$regularUser->setEmail('[email protected]');
$regularUser->setIsEmailConfirmed(true);
$regularUser->setImage('upload/users/john-doe-avatar.png');
$regularUser->setPreference('locale', 'en_GB'); // any custom preference
$regularUser->setIsActive(true);
$securityModel->saveUser($regularUser);
// delete it again
$securityModel->deleteUser($regularUser);
// find some users
$user = $securityModel->getUserById(1);
$user = $securityModel->getUserByUsername('admin');
$user = $securityModel->getUserByEmail('[email protected]');
$options = array(
// 'query' => 'adm',
// 'username' => 'adm',
// 'email' => 'adm',
'page' => 1,
'limit' => 20,
);
$users = $securityModel->getUsers($options);
$numUsers = $securityModel->countUsers($options);
// the same for roles
$role = $securityModel->getRoleById(1);
$role = $securityModel->getRoleByName('Content Manager');
$options = array(
// 'query' => 'content',
// 'name' => 'content',
'page' => 1,
'limit' => 20,
);
$roles = $securityModel->getRoles($options);
$numRoles = $securityModel->countRoles($options);
// obtain all permissions
$permissions = $securityModel->getPermissions();
}
function handleSecurity(SecurityManager $securityManager, Request $request) {
// set the request to the security manager to detect the user from previous requests
$securityManager->setRequest($request);
// get the current user
$user = $securityManager->getUser();
if (!$user) {
// no user logged in from a previous request
try {
$securityManager->login('admin', 'secure password');
} catch (UsernameAuthenticationException $exception) {
// invalid username
} catch (PasswordAuthenticationException $exception) {
// invalid password
} catch (EmailAuthenticationException $exception) {
// email is not confirmed
} catch (InactiveAuthenticationException $exception) {
// user is inactive
}
}
// perform some checks
if ($securityManager->isPermissionGranted('my.permission')) {
// user is granted
} else {
// user is denied
}
if ($securityManager->isPathAllowed('/admin/system', 'GET')) {
// user is allowed
} else {
// user is denied
}
if ($securityManager->isUrlAllowed('https://www.foo.bar/admin/system')) {
// user is allowed
} else {
// user is denied
}
// mock an other user through the switch user feature
try {
$securityManager->switchUser('cm');
// perform a check on the switched user
if ($securityManager->isPermissionGranted('my.permission')) {
// switched user is granted
} else {
// switched user is denied
}
// logout the switched user
$securityManager->logout();
} catch (UserNotFoundException $exception) {
// requested user does not exist
} catch (UserSwitchException $exception) {
// can't switch to a super user as a non super user
} catch (UnauthorizedException $exception) {
// not allowed to switch user
}
// logout the current user
$securityManager->logout();
}
Loading please wait ...
Before you can download the PHP files, the dependencies should be resolved. This can take some minutes. Please be patient.