Simple and flexible authentication framework.
Via Composer
$ composer require indigophp/guardianThis library provides an easy way to authenticate any entity with OR without persisting and calling it "login".
A simple login example:
use Indigo\Guardian\Identifier\InMemory;
use Indigo\Guardian\Authenticator\UserPassword;
use Indigo\Guardian\Hasher\Plaintext;
use Indigo\Guardian\SessionAuth;
use Indigo\Guardian\Session\Native;
$identifier = new InMemory([
1 => [
'username' => 'john.doe',
'password' => 'secret',
'name' => 'John Doe',
],
]);
$authenticator = new UserPassword(new Plaintext);
$session = new Native;
$auth = new SessionAuth($identifier, $authenticator, $session);
// returns true to indicate success
$auth->login([
'username' => 'john.doe',
'password' => 'secret',
]);Later, when login succeeds, check for the current login:
// returns true/false
$auth->check();
// returns the current caller
$caller = $auth->getCurrentCaller();And logout at the end:
// returns true/false
$auth->logout();Since Guardian is an authentication library, you can easily use it to authenticate API requests without persistence. To achieve this, see the following simple authentication service:
use Indigo\Guardian\Identifier\InMemory;
use Indigo\Guardian\Authenticator\UserPassword;
use Indigo\Guardian\Hasher\Plaintext;
use Indigo\Guardian\RequestAuth;
$identifier = new InMemory([
1 => [
'username' => 'john.doe',
'password' => 'secret',
'name' => 'John Doe',
],
]);
$authenticator = new UserPassword(new Plaintext);
$auth = new RequestAuth($identifier, $authenticator);
$subject = [
'username' => 'john.doe',
'password' => 'secret',
];
// returns true to indicate success
$auth->authenticate($subject);
// returns the caller object if identify succeeds
$caller = $auth->authenticateAndReturn($subject);$ phpspec runPlease see CONTRIBUTING for details.
The MIT License (MIT). Please see License File for more information.