Download the PHP package tobento/app-user-web without Composer

On this page you can find all versions of the php package tobento/app-user-web. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package app-user-web

App User Web

The User Web provides authentication features such as:

Table of Contents

Getting Started

Add the latest version of the app user web project running this command.

Requirements

Documentation

App

Check out the App Skeleton if you are using the skeleton.

You may also check out the App to learn more about the app in general.

User Web Boot

The user web boot does the following:

User Web Config

The configuration for the user web is located in the file at the default App Skeleton config location.

Features

Simply, configure any features you want to support in the feature section.

Home Feature

The Home Feature provides a simple home page. In case, you are not using this feature you need to adjust the "home" route in other features or add another route with the name .

Config

In the config file you can configure the home feature:

Login Feature

The Login Feature provides a simple login page where a user can login by his email, smartphone or username and the password.

Config

In the config file you can configure the login feature:

Supporting Remember Me

You may support remember me functionality by the following steps:

1. Enable remember me

In the config, specify a value for the parameter:

The auth token will expire after 6 months unless the user logs out!

2. Use Suitable Token Storage

As remember me tokens are often long-lived, make sure you use the Repository Storage to store tokens, which is configured as default.

3. Add RememeredToken Middleware (optional)

In the add the middleware after the middleware and specify the period of time from the present after which the token is considered as remembered.

After the token is considered as remembered, a new token will be created setting the parameter as . In addition, on every request it will verify the token with the token verifiers defined in the middleware such as checking the password hash.

Once the middleware is added, you may force users to re-authenticate before accessing certain resources if the token is considered as remembered by using the Authenticated Middleware:

Two-Factor Authentication Code Feature

The Two-Factor Authentication Code Feature provides a simple way for two-factor authentication using verification codes.

Config

In the config file you can configure the feature:

Determine When Two Factor Auth Is Required

To enable two-factor authentication you will need to determine when two-factor authentication is required by extending the and customizing the method:

In the replace the default login feature with your customized:

Once this is set up, on successful login, any user with the role business will be redirected to the two-factor authentication page where he can confirm the sent code.

However, the user is not obliged to confirm the code, he could just leave the two-factor authentication page and will be logged in as normal. It is up to you how to handle this. You can use any of the User Permissions Strategies or you may create a middleware to force him to confirm the code before he can access any other routes for instance.

User Permissions Strategies For Two Factor Auth

Using The Authenticated Middleware

The simplest way is just to protect routes from users which are not authenticated via two-factor authentification by using the middleware and defining the parameter with :

You may check out the Authenticated Middleware section for more detail.

Using A Custom Token Authenticator To Change The Users Role

You may change the users role when he has just logged in and is (required) to perform two-factor authentification.

First, create a custom token authenticator and use the token method to check for the value which is set by the Login feature when two-factor authentication is required. Once the user has confirmed the code the value of the token method will be set to and the users original role will be used again:

Next, in the file implement your created custom token authenticator:

Finally, just use the Verify Permission Middleware or the Verify Role Middleware to protect any routes from unauthorized users.

Logout Feature

The Logout Feature provides a simple logout functionality.

Config

In the config file you can configure the logout feature:

Forgot Password Feature

The Forgot Password Feature provides a simple way for users to reset their forgotten passwords.

Config

In the config file you can configure the forgot password feature:

Customize Reset Password Notification

You may customize the reset password notification in two ways:

By adding a custom notification

See Custom Notifications

By customizing the feature

Extend the and customize the method. Within this method, you may send the notification using any notification class of your own creation:

Finally, in the config replace the default Forgot Password feature with your customized:

Register Feature

The Register Feature provides a simple way for users to register.

Config

In the config file you can configure the register feature:

Customize Registration Fields

You may customize the registration fields by the following steps:

1.A Customize the view

In the directory create a new file where you write your custom view code.

1.B Or customize the view using a theme (recommended way)

In your theme create a new file where you write your custom view code.

Check out the App View - Themes section to learn more about it.

2. Customize the validation rules

Customize the registration rules corresponding to the customized view (step 1) by extending the and customizing the method:

Finally, in the config replace the default register feature with your customized:

Customize The Role For Registered Users

You may customize the role for registered users by extending the and customizing the method:

In the config replace the default register feature with your customized:

Make sure you have added the roles, otherwise the role key would be used as the fallback.

Auto Login After Registration

By default, after successful registration users get not authenticated (logged in).

If you want them to get auto logged in just add the listener in the file:

In the file you may redirect users to the profile edit page or any other page you desire:

Account Verification

After users have successfully registered, you may require them to verify at least one channel such as their email address before using the application or individual routes. You can achieve this by the following steps:

1. Auto login users after successful registration

In the file add the listener:

Because only authenticated users are allowed to verify its account!

2. Redirect users to the verification page after successful registration

In the file:

3. Protect routes from unverified users

Use the Verified Middleware to protect any routes from unverified users.

4. Protect the profile feature from unverified users

Extend the and customize the method:

In the config replace the default profile feature with your customized:

5. Protect the profile settings feature from unverified users

Same as step 4. just with the .

Account Verification For Specific User Roles Only

Instead of Account Verification for all users, you may do it only for specific user roles. You can achieve this by the following steps:

1. Customize The Register Feature

Extend the and customize the method:

2. Customize The Role For Registered Users (optional)

Check out the Customize The Role For Registered Users section.

3. Auto Login Users After Registration

You will need to auto login the users which need to verify its account, as only authenticated users are allowed to verify its account:

In the file add the listener:

4. Protect the profile and profile settings feature from unverified users as well as any other routes

See Account Verification step 3, 4 and 5.

Terms and Conditions Agreement

You may users to agree your terms and conditions before they can register:

In the file:

Make sure you have registered your terms route somewhere in your application.

Spam Protection For Registering

The registration form is protected against spam by default using the App Spam bundle. It uses the spam detector as the defined named detector does not exist. In order to use a custom detector, you will just need to define it on the file:

Notifications Feature

The Notifications Feature provides a simple way for users to view their notifications.

Config

In the config file you can configure the notifications feature:

Creating And Sending Notifications

To send notifications to be display on the notifications page you will need to send to the storage channel configured:

Format Notifications

Check out the Storage Notification Formatters section to learn more about formatting the displayed notifications.

Customize Unread Notifications Count

You may customize the unread notifications count logic for the menu badge by extending the and customizing the method.

Example caching the count

Install the App Cache bundle to support caching.

In the config replace the default notifications feature with your customized:

Clear Read Notifications

If you have installed the App Console you may easily delete read notifications running the following command:

You may check out the App Notifier - Clear Notifications Command section for more information about the command.

If you would like to automate this process, consider installing the App Schedule bundle and using a command task:

Profile Feature

The Profile Feature provides a simple way for users to update their profile data, delete their account and to verify their channels.

Config

In the config file you can configure the profile feature:

Customize Information Fields

You may customize the information fields by the following steps:

1.A Customize the view

In the directory create a new file where you write your custom view code.

1.B Or customize the view using a theme (recommended way)

In your theme create a new file where you write your custom view code.

Check out the App View - Themes section to learn more about it.

2. Customize the validation rules

Customize the settings rules corresponding to the customized view (step 1) by extending the and customizing the method:

Finally, in the config replace the default profile settings feature with your customized:

Customize Available Verification Channels To Display

You may customize the available verification channels by extending the and customizing the method:

In the config replace the default profile feature with your customized:

If you allow other channels than and , you will need to customize the verification feature.

Profile Settings Feature

The Profile Settings Feature provides a simple way for users to update their profile settings such as his preferred locale and notification channels.

Config

In the config file you can configure the profile feature:

Customize Settings Fields

You may customize the settings fields by the following steps:

1.A Customize the view

In the directory create a new file where you write your custom view code.

1.B Or customize the view using a theme (recommended way)

In your theme create a new file where you write your custom view code.

Check out the App View - Themes section to learn more about it.

2. Customize the validation rules

Customize the settings rules corresponding to the customized view (step 1) by extending the and customizing the method:

Finally, in the config replace the default profile settings feature with your customized:

Customize Available Notification Channels

You may customize the available notification channels by extending the and customizing the method:

In the config replace the default profile settings feature with your customized:

Verification Feature

The Verification Feature provides a simple way for users to verify their email and smartphone.

Config

In the config file you can configure the verification feature:

Protect Routes From Unverified User

Use the Verified Middleware to protect any routes from unverified users.

Customize Available Channels To Verify

You may customize the available channels which can be verified by extending the and customizing the , and methods.

Do not forget to configure the notifier channels in the config file!

In the config replace the default profile feature with your customized:

Deleting Expired Tokens

Verificator Tokens

The following features use the token or pin code verificator creating tokens which will still be present within your token repository even if expired.

If you have installed the App Console you may easily delete these records running the following command:

If you would like to automate this process, consider installing the App Schedule bundle and using a command task:

Auth Tokens

Or automate this process using a command schedule task:

Visit User - Console for more detail.

View

Acl View Macro

In your view files, you may use the acl macro to check for permission for instance:

Events

Available Events

Event Description
The event will dispatch after a user has deleted his account.
The event will dispatch after a user has logged in.
The event will dispatch after a user login attempt failed.
The event will dispatch after a user has exceeded the maximal number of login attempts.
The event will dispatch after a user is logged out.
The event will dispatch after a user has reset his password.
The event will dispatch after a user password reset attempt failed.
The event will dispatch after a user has registered.
The event will dispatch after a user register attempt failed.
The event will dispatch after a user has updated his profile.
The event will dispatch after a user has verified a channel.
The event will dispatch after a user channel verification attempt failed.
The event will dispatch after a user has verified two-factor authentication code successfully.
The event will dispatch after a user two-factor authentication code verification attempt failed.

Learn More

Login With Smartphone

By default, login with smarthone is enabled. Make sure you have configured the sms channel in the file for sending sms to verify its account for instance.

List Available Routes

Use the Route List Command to get an overview of the available routes.

Newsletter Subscription

You may use the provided Events to subscribe/unsubscribe registered users to an newsletter provider.

Example of Listener:

In the file add the the listener:

You may check out the App Event - Add Listeners section to learn more about it.

Customize Verification Code Notification

You may customize the verification code notification in two ways:

By adding a custom notification

See Custom Notifications

By customizing the pin code verificator

Extend the and customize the method. Within this method, you may send the notification using any notification class of your own creation:

Finally, in the config file replace the default implementation with your custom:

Localization

If you enable feature routes being localized, you can define the languages you support in the .

In the config file:

Check out the App Language to learn more about the languages.

Translations

By default, and translation are available. If you want to support more locales, check out the App Translation to learn more about it.

Credits


All versions of app-user-web with dependencies

PHP Build Version
Package Version
Requires php Version >=8.0
tobento/app Version ^1.0.7
tobento/app-migration Version ^1.0
tobento/app-http Version ^1.0
tobento/app-message Version ^1.0
tobento/app-rate-limiter Version ^1.0
tobento/app-user Version ^1.0
tobento/app-notifier Version ^1.0
tobento/app-language Version ^1.0
tobento/app-translation Version ^1.0
tobento/app-view Version ^1.0
tobento/app-event Version ^1.0
tobento/app-spam Version ^1.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package tobento/app-user-web contains the following files

Loading the files please wait ....