hermes-php/cerberus
This package is abandoned and no longer maintained.
No replacement package was suggested.
A full-blown PSR-7 authentication system inspired in Symfony Security Component
Maintainers
dev-master
2018-12-24 22:59 UTC
Requires
- php: >=7.2
- ext-sodium: *
- hansott/psr7-cookies: ^2.0
- php-http/message-factory: ^1.0
- psr/container: ^1.0
- psr/http-factory: ^1.0
- psr/http-message: ^1.0
- psr/http-server-middleware: ^1.0
- tuupola/callable-handler: ^1.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^2.12
- phpunit/phpunit: ^7.3
- symfony/var-dumper: ^4.1
Suggests
None
Provides
None
Conflicts
None
Replaces
None
MIT 631f32fefb1a9924eb62f1fd3f30f072fbc08b8f
- Matias Navarro Carter <mnavarrocarter.woop@gmail.com>
This package is not auto-updated.
Last update: 2019-08-18 18:27:20 UTC
README
A full-blown PSR-7 authentication system inspired in Symfony Security Component.
The main purpose of this middleware is to authenticate the request using flexible and user defined rules and generate an AuthenticationContext object to pass to the rest of the middleware stack.
Firewall: Must be configured with the following things:
- pattern
- CredentialManager (two methods: extract and verify)
- AccountProvider
- AuthHandler (two methods: handle success, handle error)
Firewall it's a middleware in itself, so we have three middleware:
- Firewall detection middleware: checks if a middleware matches and stores it in a request property.
- Firewall execution middleware: fetches the middleware from the request, and applies it. If auth is successful, then request will have a AuthContext object.
Implementations:
- LazyCredentialManager
- LazyAuthHandler
- LazyAccountProvider
- ChainAccountProvider
- LazyFirewall
- JwtCredentialManager
- FormLoginCredentialManager
- CookieCredentialManager
- ChainCredentialManager
- RedirectAuthHandler
- CookieRedirectAuthHandler
- JsonResponseAuthHandler
3 steps form:
- extract credentials
- extract user
- verify password