initphp / auth
1.0
2022-07-14 21:38 UTC
Requires
- php: >=7.4
- initphp/parameterbag: ^1.0
This package is not auto-updated.
Last update: 2024-09-21 06:09:23 UTC
README
此库可以使登录用户数据更加组织化,并易于访问。
特性
- 易于使用的用户权限管理器。
- 能够在cookies或session中使用用户授权数据。
- 能够编写和使用自己的授权类。
需求
- PHP 7.4 或更高版本
- InitPHP ParameterBag 库(initphp/parameterbag)
安装
composer require initphp/auth
使用
权限使用
这是一个小巧但功能强大的库,可用于定义用户权限。
require_once 'vendor/autoload.php';

// Build the permission set the user starts out with.
$perm = new \InitPHP\Auth\Permission([
    'editor',
    'post_list',
    'post_edit',
    'post_add',
    'post_delete',
]);

if ($perm->is('editor')) {
    // The user holds "editor": take that permission away ...
    $perm->remove('editor');
    // ... and grant "user" in its place.
    $perm->push('user');
}
多重使用
/** @var \InitPHP\Auth\Permission $perm */

// is(): true when "admin" or "editor" is held; false when none of the listed permissions is present.
$perm->is('admin', 'editor');

// remove(): removes the listed permissions and returns how many were actually removed.
$perm->remove('admin', 'editor');

// push(): adds the listed permissions and returns how many were added.
$perm->push('admin', 'editor');
Cookie 适配器
它管理 PHP 提供的 $_COOKIE 中的会话数据。
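require_once 'vendor/autoload.php';

use InitPHP\Auth\Segment;

// The salt is what the cookie adapter uses to verify that the data in the cookie
// has not changed, so it has to stay secret and unique to this application.
// It is read from the environment here so that it never lands in the source tree;
// AUTH_COOKIE_SALT is a variable name made up for this example.
$salt = getenv('AUTH_COOKIE_SALT');

// The library asks for at least 8 characters; a longer, randomly generated value
// is the safer choice. Refuse to start rather than fall back to a default.
if ($salt === false || strlen($salt) < 8) {
    throw new \RuntimeException('AUTH_COOKIE_SALT must be set to a secret string of at least 8 characters.');
}

$auth = Segment::create('authorization', Segment::ADAPTER_COOKIE, [
    'salt' => $salt,
]);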
Session 适配器
它管理 PHP 提供的 $_SESSION 中的会话数据。
// The session adapter works on $_SESSION, so the session is started first.
session_start();

require_once 'vendor/autoload.php';

use InitPHP\Auth\Segment;

// Create the "authorization" segment on top of the session adapter.
$auth = Segment::create(
    'authorization',
    Segment::ADAPTER_SESSION
);
编写并使用自己的适配器。
以下示例展示了使用数据库连接的基本认证的简单适配器示例。
注意:以下示例仅用于教学目的。直接使用以下代码将导致严重的安全漏洞。
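namespace App;

/**
 * Teaching example of a custom adapter: it authenticates the request with HTTP Basic
 * credentials against a `users` table and exposes the matching row as the segment data.
 *
 * Requirements and limits of this example:
 * - the `password` column must hold a hash produced by password_hash(); values hashed
 *   with MD5 have to be migrated before this adapter can verify them;
 * - HTTP Basic sends the credentials with every request, so it only makes sense over HTTPS;
 * - column names cannot be bound as statement parameters, so every key is checked against
 *   the columns of the loaded row before it is placed into SQL; values are always bound.
 */
class BasicAuthAdapter extends \InitPHP\Auth\AbstractAdapter
{
    /** @var \PDO */
    protected $pdo;

    // Row of the authenticated user keyed by column name; the password hash is removed after verification.
    protected array $userInfo = [];

    /**
     * Opens the database connection and authenticates the current request.
     *
     * Sends a 401 challenge and stops the script when the credentials do not match.
     *
     * @param string $name    Segment name (not used by this adapter).
     * @param array  $options Must contain 'dsn', 'username' and 'password' for \PDO.
     */
    public function __construct(string $name, array $options = [])
    {
        $this->pdo = new \PDO($options['dsn'], $options['username'], $options['password']);

        // Look the user up by name only; the password is checked in PHP with password_verify(),
        // not compared inside the query.
        $statement = $this->pdo->prepare('SELECT * FROM `users` WHERE `user_name` = :user_name LIMIT 1');
        $row = false;
        if ($statement !== false && $statement->execute([':user_name' => ($_SERVER['PHP_AUTH_USER'] ?? '')])) {
            // fetch() is used instead of rowCount(), which is not reliable for SELECT on every driver.
            $row = $statement->fetch(\PDO::FETCH_ASSOC);
        }

        $storedHash = is_array($row) ? (string)($row['password'] ?? '') : '';
        if ($storedHash !== '' && password_verify((string)($_SERVER['PHP_AUTH_PW'] ?? ''), $storedHash)) {
            // Keep the hash out of the data that get() can hand out; this also makes
            // the password column non-writable through set()/collective()/remove().
            unset($row['password']);
            $this->userInfo = $row;
            return;
        }

        header("WWW-Authenticate: Basic realm=\"Privare Area\"");
        header("HTTP/1.0 401 Unauthorized");
        echo "Sorry, you need proper credendtials";
        exit;
    }

    /**
     * Returns the value stored under $key, or $default when it is missing or null.
     */
    public function get(string $key, $default = null)
    {
        return $this->userInfo[$key] ?? $default;
    }

    /**
     * Updates one column of the authenticated user's row.
     *
     * Keys that are not writable columns (see isWritableColumn()) are ignored.
     */
    public function set(string $key, $value): self
    {
        if (!$this->isWritableColumn($key)) {
            return $this;
        }

        // $key has passed the column check above; the value and the user name are bound.
        $statement = $this->pdo->prepare("UPDATE `users` SET `{$key}` = :value WHERE `user_name` = :user_name");
        $saved = $statement !== false && $statement->execute([
            ':value' => (string)$value,
            ':user_name' => $this->userInfo['user_name'],
        ]);
        if ($saved) {
            // Keep the in-memory row in step with the database, as collective() does.
            $this->userInfo[$key] = $value;
        }

        return $this;
    }

    /**
     * Updates several columns of the authenticated user's row in one statement.
     *
     * Entries whose key is not a writable column are skipped.
     */
    public function collective(array $data): self
    {
        $assignments = [];
        $params = [];
        $accepted = [];
        foreach ($data as $key => $value) {
            if (!is_string($key) || !$this->isWritableColumn($key)) {
                continue;
            }
            $placeholder = ':v' . count($accepted);
            $assignments[] = "`{$key}` = {$placeholder}";
            $params[$placeholder] = $value;
            $accepted[$key] = $value;
        }
        if ($assignments === []) {
            return $this;
        }

        // Assignments are joined with commas; the original concatenation produced invalid SQL
        // as soon as more than one column was passed.
        $sql = 'UPDATE `users` SET ' . implode(', ', $assignments) . ' WHERE `user_name` = :user_name';
        $params[':user_name'] = $this->userInfo['user_name'];

        $statement = $this->pdo->prepare($sql);
        if ($statement !== false && $statement->execute($params)) {
            $this->userInfo = array_merge($this->userInfo, $accepted);
        }

        return $this;
    }

    /**
     * Tells whether a non-null value is stored under $key.
     */
    public function has(string $key): bool
    {
        return isset($this->userInfo[$key]);
    }

    /**
     * Sets the given columns to NULL for the authenticated user.
     *
     * Names that are not writable columns, or that hold no value, are skipped.
     */
    public function remove(string ...$key): self
    {
        foreach ($key as $name) {
            if (!$this->isWritableColumn($name) || !isset($this->userInfo[$name])) {
                continue;
            }
            $statement = $this->pdo->prepare("UPDATE `users` SET `{$name}` = NULL WHERE `user_name` = :user_name");
            if ($statement !== false && $statement->execute([':user_name' => $this->userInfo['user_name']])) {
                // Mirror the database: the column still exists, its value is now null.
                $this->userInfo[$name] = null;
            }
        }

        return $this;
    }

    /**
     * Forgets the loaded user row. Nothing is changed in the database.
     */
    public function destroy(): bool
    {
        $this->userInfo = [];
        return true;
    }

    /**
     * Decides whether $key may be used as a column name in an UPDATE.
     *
     * A key is accepted only when it is a column of the loaded row, is not `user_name`
     * (the row identifier), and consists of plain identifier characters.
     */
    private function isWritableColumn(string $key): bool
    {
        return $key !== 'user_name'
            && array_key_exists($key, $this->userInfo)
            && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $key) === 1;
    }
}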
// Connection settings for the adapter. These are sample values for a local test
// database: outside of such a setup, use a dedicated account that has only the
// rights the adapter needs instead of root with an empty password, and keep the
// credentials in configuration outside the source tree.
$adapterOptions = [
    'dsn' => 'mysql:host=localhost;dbname=test_database;charset=utf8mb4',
    'username' => 'root',
    'password' => '',
];

$segment = new \InitPHP\Auth\Segment('', \App\BasicAuthAdapter::class, $adapterOptions);
致谢
许可证
版权 © 2022 MIT 许可证