Germania KG · PermanentAuth
This package was destilled from legacy code!, (*1)
, (*2)
Requirements
Installation with Composer
$ composer require germania-kg/permanent-authentication
MySQL users may install the table auth_logins using auth_logins.sql.txt in sql/ directory., (*3)
Create a persistent login
This Callable stores a selector and token pair in a cookie on the client side
and stores the selected and hashed token in the database. Five ingredients are required:, (*4)
rnd: An instance of RandomLib Generator for creating secure random numbers and strings., (*5)
client_storage: A Callable that stores the selector and token pair on the client-side. On error, it should throw an Exception implementing Germania\PermanentAuth\Exceptions\StorageExceptionInterface. – Create your own or try the implementation described in ClientStorage section below, (*6)
hasher: A Callable that securely hashes the random token created by RandomLib. It is recommended to use PHP's password_hash., (*7)
server_storage: A Callable that stores selector and token hash in the database. On error, it should throw an Exception implementing Germania\PermanentAuth\Exceptions\StorageExceptionInterface. – Create your own or try the implementation described in PdoStorage section below., (*8)
valid_until: A PHP DateTime object which holds the expiration date and time., (*9)
<?php
use Germania\PermanentAuth\CreatePersistentLogin;
use RandomLib\Factory;
use RandomLib\Generator;
// Create Random generator
$factory = new RandomLib\Factory;
$random = $factory->getMediumStrengthGenerator();
// Setup expiration
$expire = new \DateTime;
date_add($expire, date_interval_create_from_date_string('10 days'));
// Setup hash function; this goes to database
$hasher = function( $token ) { return password_hash( $token) };
// On error, throw Germania\PermanentAuth\Exceptions\StorageExceptionInterface
$client_storage = function( $selector, $token, $expire) { return setcookie( ... ); };
$server_storage = function($user_id, $selector, $token_hash, $expire) {
$sql = 'INSERT INTO ...';
};
// Optional: PSR-3 Logger
$create = new CreatePersistentLogin( $random, $client_storage, $hasher, $server_storage, $expire);
$create = new CreatePersistentLogin( $random, $client_storage, $hasher, $server_storage, $expire, $logger);
// Action
$user_id = 99;
$created = $create( $user_id )
// Evaluate
if ($created):
// Success!
endif;
Authenticate a user with permanent login
This Callable tries to retrieve and return a persistent login selector and token. It does not validate the user! — In other words, it tells you who the re-visiting user claims to be., (*10)
<?php
use Germania\PermanentAuth\ClientAuthentication;
// Setup:
// 1. Retrieve the cookie value
$cookie_getter = function( $cookie_name ) {
// return $_COOKIE[ $name ]
return "foo:bar";
};
// 2: Split into selector and token part
$cookie_parser = function( $value ) {
$parts = explode(":", $value);
return (object) array(
'selector' => $parts[0],
'token' => $parts[1]
);
};
$auth = new ClientAuthentication( $cookie_getter, $cookie_parser, "persistent");
// Invoke
$selector_token = $auth();
// Evaluate
if ($selector_token):
// Check if selector and token are valid on server-side
endif;
Helpers
AuthUserInterface
Defines interceptors for the User ID. Required by PermanentAuth\Middleware which expects a user object-, (*11)
<?php
use Germania\PermanentAuth\AuthUserInterface;
class AppUser implements AuthUserInterface
{
public $id;
/**
* Returns the User ID.
* @return mixed
*/
public function getId() {
return $this->id;
}
/**
* Sets the User ID.
* @param mixed $id
*/
public function setId( $id )
{
$this->id = $id;
}
}
Middleware
This PSR-style Middleware identifies a user and validates the claimed login selector against database. On success, assign found User ID to user object., (*12)
Requires a PermanentAuth\AuthUserInterface instance., (*13)
<?php
use Germania\PermanentAuth\Middleware;
use Slim\App;
$app = new App;
$user = new AppUser;
$middleware = new Middleware( $user, ... );
$app->add( $middleware );
ClientStorage
Store selector and token on the client-side.
Random-generated selector and token are base64-encoded and sent to the Client as cookie, together with expiration date., (*14)
<?php
use Germania\PermanentAuth\ClientStorage;
PdoStorage
Store selector and token hash in the database, together with expiration date., (*15)
<?php
use Germania\PermanentAuth\PdoStorage;
PdoValidator
Validate a login selector and token against token hash in the database., (*16)
<?php
use Germania\PermanentAuth\PdoValidator;
PdoDelete
Remove all permanent logins for a given user., (*17)
<?php
use Germania\PermanentAuth\PdoDelete;
Development
$ git clone https://github.com/GermaniaKG/PermanentAuth.git
$ cd PermanentAuth
$ composer install
Unit tests
Either copy phpunit.xml.dist to phpunit.xml and adapt to your needs, or leave as is. Run PhpUnit test or composer scripts like this:, (*18)
$ composer test
# or
$ vendor/bin/phpunit
Setup a MySQL table auth_logins as in sql/auth_logins.sql.txt.
In phpunit.xml, edit the database credentials:, (*19)
<php>
<var name="DB_DSN" value="mysql:host=localhost;dbname=DBNAME;charset=utf8" />
<var name="DB_USER" value="DBUSER" />
<var name="DB_PASSWD" value="DBPASS" />
<var name="DB_DBNAME" value="DBNAME" />
</php>
Wallogit.com
