AuthPHP

Authorization plugin
Updated 8 years ago

AuthPHP is a plugin for implementing authorization on a website.

Requirements

  • PHP 5.4
  • PDO class (optionally included)
  • MySQL

Summary

  • Simple usage
  • Supports multiple connections
  • Tracks the user IP on each connection
  • Implements "white" and "black" IP lists
  • Supports user roles on different pages
  • Logging

Setup

Setting up the plugin is quite simple as you can see below:

// Get plugin instance
$auth = require_once 'Auth_v2/Base.php';

// Using built-in methods for changing configuration
$auth->config(array(...));
$auth->DBconfig(array(...));

// Using config.ini file
// Example is provided in package
$auth->iniConfig('config.ini');

// Connect to the database. The plugin uses the PDO class
$auth->connect( HOST_NAME, DB_NAME, LOGIN, PASSWORD);

Login

To build the login page, add these lines:

// The password field is named "pwd", so check and pass the same key
if (isset($_POST["login"]) && isset($_POST["pwd"])) {
  $auth->login($_POST["login"], $_POST["pwd"], isset($_POST["remember"]));
}
// If 'remember' is checked, the plugin creates a cookie; otherwise it uses a session.

Lockscreen

To build the lockscreen page, add these lines:

if (isset($_POST["pwd"])) {
  $auth->lockscreen($_POST["pwd"], isset($_POST["remember"]));
}
// If 'remember' is checked, the plugin creates a cookie; otherwise it uses a session.

Check auth status

On each page of your site, call this function to check whether the user is authorized:

$auth->check();

Log out

To implement logout, call these functions:

// Close the current connection
$auth->logOut();

// Close all open connections for current user
$auth->full_logOut();

Using roles

To implement role management, run the command below on each page before checking the login status:

$auth->setAllowedRoles(array(...)); // array(1, 20, 50)

If the user's role is not in the specified list, access is prohibited. If onRoleMismatch is set in the settings, the user is rerouted to the specified URL, but is not logged out. If necessary, you can log the user out manually.

Multiple connections

Using multiple connections is quite simple: just switch the multiple parameter to true. In this case a new token is created each time the user enters a login and password and gains access to the system.

IP list

If you want to give access only to specified IPs, or to block some IPs, set IPList to the list you want to use and add the addresses to that list. An example is shown below:

$auth->config(array(
  'IPList' => 'black',
  'IPBlackList' => array(
    '192.168.1.100',
    '192.168.20.100'
  )
));
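
One way to evaluate the IPList setting described above, as an added example that is not AuthPHP's own code. normalizeIp() and ipAllowed() are hypothetical helpers; only the config keys and the sample blacklist come from this page.

```php
<?php
// Added example, not AuthPHP source. normalizeIp() and ipAllowed() are
// hypothetical helpers; only the config keys come from the page.

// Return the packed binary form of an address, or null if it is not a valid IP.
function normalizeIp($ip)
{
    $ip = trim((string) $ip);
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return null;
    }
    $packed = inet_pton($ip);
    // Fold IPv4-mapped IPv6 (::ffff:a.b.c.d) to IPv4 so both spellings match.
    $mapped = str_repeat("\x00", 10) . "\xff\xff";
    if (strlen($packed) === 16 && substr($packed, 0, 12) === $mapped) {
        $packed = substr($packed, 12);
    }
    return $packed;
}

// Apply the 'white' / 'black' semantics to one client address.
function ipAllowed($clientIp, array $config)
{
    $client = normalizeIp($clientIp);
    if ($client === null) {
        return false; // unparseable address: fail closed
    }
    $mode = isset($config['IPList']) ? $config['IPList'] : 'black';
    $key  = ($mode === 'white') ? 'IPWhiteList' : 'IPBlackList';
    $list = isset($config[$key]) ? $config[$key] : array();

    $listed = false;
    foreach ($list as $entry) {
        if (normalizeIp($entry) === $client) {
            $listed = true;
            break;
        }
    }
    // 'white': only listed addresses pass, so an empty list blocks everyone.
    // 'black': every address passes except the listed ones.
    return ($mode === 'white') ? $listed : !$listed;
}

// Constructed sample: the blacklist from the configuration above.
$config = array('IPList' => 'black',
                'IPBlackList' => array('192.168.1.100', '192.168.20.100'));
foreach (array('192.168.1.100', '::ffff:192.168.1.100', '192.168.1.101') as $ip) {
    echo $ip, ' => ', ipAllowed($ip, $config) ? 'allowed' : 'blocked', "\n";
}
```

Feed the check from $_SERVER['REMOTE_ADDR']; headers such as X-Forwarded-For are supplied by the client and should only be used when a trusted reverse proxy overwrites them.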

List of configurations

Plugin settings

Do not be scared of such a huge set of configurations. It is quite easy to adapt the plugin to your system.

  • makeLog boolean Default true:
    Whether to write logs. The log file is located in the plugin directory. You should block access to it with .htaccess.
  • hashName string Default 'token':
    Defines the key for the token stored on the user side.
  • cookiePath string Default '/':
    Defines the path scope for cookies.
  • authTime integer Default 10800:
    Time in seconds during which the user can stay logged in.
  • lockDelay integer Default 1200:
    Time in seconds after which the user is rerouted to the lockscreen (if it is enabled).
  • checkIPToken string Default 'strict':
    Possible values are 'strict', 'to_lockscreen' and 'acceptable'. Defines the action taken when the stored and current IP are different.
  • multiple boolean Default true:
    Enable or disable multiple connections to a single account.
  • onMultiple string Default 'allow':
    Action taken when multiple connections are disabled. Possible values are 'allow' and 'discard'. If you allow the user to log in, the token in the database is simply rewritten. If you do not allow the user to log in, an error with status 'User is already logged in' is raised.
  • reroute boolean Default true:
    Whether to reroute the user to the specified pages at key points.
  • useLockscreen boolean Default true:
    Whether to use the lockscreen in the system.
  • loginPageUrl string Default '/':
    Link to the login page, relative to the site root.
  • lockscreenPageUrl string Default '/lockscreen':
    Link to the lockscreen page, relative to the site root.
  • successUrl string Default '/dashboard':
    Link to the 'success' page, relative to the site root.
  • lockscreenRef boolean|string Default false:
    Link to the referer page from which the user was rerouted to the lockscreen.
  • IPList string Default 'black':
    Which IP list to use: 'white' or 'black'.
  • IPWhiteList array(int) Default empty:
    List of IPs that have access to the system.
  • IPBlackList array(int) Default empty:
    List of prohibited IPs.
  • onRoleMismatch boolean|string Default false:
    Link to the page to which the user is rerouted in case of a role mismatch.

Database settings

Table and field names are stored in DBconfig, so you can use your own tables by changing these names in the settings.

Table 'user' (in config: tUserInfo)

| Field name | Field type  | In config | Description     |
|------------|-------------|-----------|-----------------|
| id         | int(11) PK  |           | User identifier |
| login      | varchar(36) | fLogin    | User's login    |
| pwd        | varchar(36) | fPassword | User's password |
| role       | int(11)     | fRole     | User's role     |

P.S. By switching the hashLogin parameter to false, you can use an unhashed login (email instead of login).

Table 'token' (in config: tUserToken)

| Field name | Field type              | In config | Description                                       |
|------------|-------------------------|-----------|---------------------------------------------------|
| id         | int(11) PK              |           | Token identifier                                  |
| id_user    | int(11) FK              | fIdUser   | Link to the user                                  |
| token      | varchar(36)             | fToken    | Contains the token itself                         |
| time_add   | datetime curr_timestamp | fTokenAdd | Time when the user logged in                      |
| user_ip    | varchar(36)             | fTokenIp  | The user's IP at the time the token was created   |
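
How authTime, lockDelay and checkIPToken could combine with the token table's time_add and user_ip fields, as an added example that is not AuthPHP's own code. The tokenState() helper, the $lastSeen timestamp and the behaviour given to each checkIPToken value are assumptions; the page only names the values.

```php
<?php
// Added example, not AuthPHP source. tokenState() is a hypothetical helper and
// the behaviour assigned to each checkIPToken value is an assumption.

// $token: 'time_add' (as Unix time) and 'user_ip' from the token table.
// $lastSeen: Unix time of the user's previous request (assumed tracked by caller).
// Returns 'ok', 'lockscreen' or 'login'.
function tokenState(array $token, $currentIp, $lastSeen, $now, array $cfg)
{
    $lock = $cfg['useLockscreen'] ? 'lockscreen' : 'login';

    // authTime: hard limit on token age, counted from time_add.
    if ($now - $token['time_add'] > $cfg['authTime']) {
        return 'login';
    }
    // checkIPToken: action when the request IP differs from the stored user_ip.
    if ($token['user_ip'] !== $currentIp) {
        if ($cfg['checkIPToken'] === 'to_lockscreen') {
            return $lock;   // keep the token, ask for the password again
        }
        if ($cfg['checkIPToken'] !== 'acceptable') {
            return 'login'; // 'strict' and unknown values: reject the token
        }
    }
    // lockDelay: idle time after which the lockscreen is shown, if enabled.
    if ($cfg['useLockscreen'] && $now - $lastSeen > $cfg['lockDelay']) {
        return 'lockscreen';
    }
    return 'ok';
}

// Constructed sample: defaults from the settings list, token issued 30 minutes
// ago from 203.0.113.10, request now arriving from 198.51.100.7.
$cfg   = array('authTime' => 10800, 'lockDelay' => 1200,
               'checkIPToken' => 'strict', 'useLockscreen' => true);
$now   = 1700000000;
$token = array('time_add' => $now - 1800, 'user_ip' => '203.0.113.10');

foreach (array('strict', 'to_lockscreen', 'acceptable') as $mode) {
    $cfg['checkIPToken'] = $mode;
    echo $mode, ': ', tokenState($token, '198.51.100.7', $now - 60, $now, $cfg), "\n";
}
```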