Skip to content
/ php-http-auth-server Public

PHP library for easy server side implementation of multiple types of HTTP authentication

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

freenetis/php-http-auth-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
src
src
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.travis.yml
.travis.yml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 
phpunit.xml
phpunit.xml
 
 

Repository files navigation

PHP-HTTP-Auth-server

Build Status

PHP-HTTP-Auth-server is a library for easy implementation of multiple types of HTTP authentication on server side in PHP.

Supported HTTP authentication methods:

  • Basic HTTP authentication,
  • Digest HTTP authentication (this authentication method requires mod_auth_digest to be enabled on Apache server).

How to install?

TODO: using composer

How to use it?

1. Create an account manager

Account manager is responsible for accessing of information about user accounts. Each manager must implements \phphttpauthserver\IAccountManager that defines single method getUserPassword(string). Simple implementation of the account manager may look like this:

class MySimpleAccountManager implements \phphttpauthserver\IAccountManager {
    
    private static $users = array(
        'ned' => 'winter_is_coming',
        'jaime' => 'hear_me_roar'
    );
    
    public function getUserPassword($username) {
        if (!array_key_exists($username, self::$users)) {
            return FALSE;
        }
        return self::$users[$username];
    }
    
}

Commonly account manager will somehow access database that contains user accounts information.

2. Init authentication service and perform authentication

Authentication service can be create using factory builder method available through \phphttpauthserver\HttpAuth class. In order to create the service you must provide type of authentication (basic or digest), an account manager instance and authentication realm name. A service that handles HTTP basic authentication can be created like this:

$manager = new MySimpleAccountManager();
$service = \phphttpauthserver\HttpAuth::factory('basic', $manager, 'Test realm');

The created service can use its method auth() that performs authentication from information retrieved from the passed account manager and PHP server variables. Methods returns an instance of \phphttpauthserver\HttpAuthResponse that contains following properties:

  • passed defines whether client request passed authentication,
  • errors contains an array of errors if request not passed,
  • headers contains HTTP headers that should be send in the server response.

Example of performing authentication with the created service:

$response = $service->auth();
if ($response->isPassed()) {
    echo 'logged in as ' . $response->getUsername();
} else {
    $errors = implode("\n", $response->getErrors());
    if (headers_send()) {
        die('Authorization Required: ' . $errors);
    }
    header('HTTP/1.0 401 Authorization Required');
    foreach ($response->getHeaders() as $key => $value) {
        header($key . ': ' . $value);
    }
    die($errors);
}

About

PHP library for easy server side implementation of multiple types of HTTP authentication

Resources

Readme

License

GPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases 3

0.1.2 Latest
Jan 28, 2015
+ 2 releases

Packages

No packages published

Languages