PHPackages andrewdyer/auth-gate - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. andrewdyer/auth-gate ActiveLibrary[Authentication & Authorization](/categories/authentication) andrewdyer/auth-gate ==================== A framework-agnostic PHP library for defining and enforcing authorisation rules through a simple, expressive gate interface 2.0.3(1w ago)00MITPHPPHP ^8.3 Since Dec 23Pushed 1w ago1 watchersCompare [ Source](https://github.com/andrewdyer/auth-gate)[ Packagist](https://packagist.org/packages/andrewdyer/auth-gate)[ Docs](https://github.com/andrewdyer/auth-gate)[ RSS](/packages/andrewdyer-auth-gate/feed)WikiDiscussions main Synced 1w ago READMEChangelog (5)Dependencies (2)Versions (8)Used By (0) [![Auth Gate](https://camo.githubusercontent.com/185a61c8491cc2580334c8e7feb5f68450be391bbc36d2638e8017d53cd08dbc/68747470733a2f2f7075626c69632d6173736574732e616e64726577647965722e726f636b732f696d616765732f636f766572732f617574682d676174652e706e67)](https://camo.githubusercontent.com/185a61c8491cc2580334c8e7feb5f68450be391bbc36d2638e8017d53cd08dbc/68747470733a2f2f7075626c69632d6173736574732e616e64726577647965722e726f636b732f696d616765732f636f766572732f617574682d676174652e706e67) [![Latest Stable Version](https://camo.githubusercontent.com/76e367df2d082012ff6dabfe257b4f783bf26fd5af453152b4709d0d662854e1/68747470733a2f2f706f7365722e707567782e6f72672f616e64726577647965722f617574682d676174652f762f737461626c653f7374796c653d666f722d7468652d6261646765)](https://packagist.org/packages/andrewdyer/auth-gate) [![Total Downloads](https://camo.githubusercontent.com/5d0a18d42d375e22a218f43cc2e306e1d9b206edaf315742223c8407bd681f7e/68747470733a2f2f706f7365722e707567782e6f72672f616e64726577647965722f617574682d676174652f646f776e6c6f6164733f7374796c653d666f722d7468652d6261646765)](https://packagist.org/packages/andrewdyer/auth-gate) [![License](https://camo.githubusercontent.com/32da908de09a590f70e0726043972fe947735f1fcb8782f3aa947c74e20c629e/68747470733a2f2f706f7365722e707567782e6f72672f616e64726577647965722f617574682d676174652f6c6963656e73653f7374796c653d666f722d7468652d6261646765)](https://packagist.org/packages/andrewdyer/auth-gate) [![PHP Version Required](https://camo.githubusercontent.com/62f619ad8d38c1a4d70ee2307ea975ee79240b671d888c65339454d5b1bd2f3e/68747470733a2f2f706f7365722e707567782e6f72672f616e64726577647965722f617574682d676174652f726571756972652f7068703f7374796c653d666f722d7468652d6261646765)](https://packagist.org/packages/andrewdyer/auth-gate) Built on top of [andrewdyer/php-package-template](https://github.com/andrewdyer/php-package-template) Auth Gate ========= [](#auth-gate) A framework-agnostic PHP library for defining and enforcing authorisation rules through a simple, expressive gate interface. Introduction ------------ [](#introduction) This library provides a lightweight, dependency-free mechanism for registering ability callbacks and evaluating them against an authenticated actor — the user performing the action. It supports before-hooks for global overrides, multiple ability checks, and throws a typed exception when authorisation fails, making it straightforward to integrate into any PHP application regardless of framework. Prerequisites ------------- [](#prerequisites) - **[PHP](https://www.php.net/)**: Version 8.3 or higher is required. - **[Composer](https://getcomposer.org/)**: Dependency management tool for PHP. Installation ------------ [](#installation) ``` composer require andrewdyer/auth-gate ``` Getting Started --------------- [](#getting-started) ### 1. Implement the actor [](#1-implement-the-actor) Any class that represents an authenticated actor must implement the `Authenticatable` interface. This is the object that will be evaluated against your defined abilities. ``` use AndrewDyer\Gate\Contracts\Authenticatable; class User implements Authenticatable { public function __construct( public readonly int $id, public readonly bool $admin = false, ) {} public function isAdmin(): bool { return $this->admin; } } ``` ### 2. Create a Gate instance [](#2-create-a-gate-instance) Instantiate the `Gate` with the authenticated actor. This instance will be used to define and evaluate abilities. ``` use AndrewDyer\Gate\Gate; $actor = new User(id: 1); $gate = new Gate($actor); ``` Usage ----- [](#usage) The following examples demonstrate the available gate operations using the setup above. ### Defining Abilities [](#defining-abilities) Abilities are registered via the `define` method, which accepts an ability name and a callback that returns a boolean. ``` $gate->define('edit-post', function ($actor, $post) { return $actor->id === $post->authorId; }); ``` ### Checking Abilities [](#checking-abilities) Use `allows` and `denies` to evaluate a single ability, or `all` and `any` for multiple abilities. ``` $gate->allows('edit-post', $post); // true or false $gate->denies('edit-post', $post); // true or false $gate->all(['edit-post', 'delete-post'], $post); // true if all pass $gate->any(['edit-post', 'view-post'], $post); // true if any pass ``` ### Authorising Actions [](#authorising-actions) `authorize` throws an `UnauthorizedException` if the actor lacks any of the given abilities. ``` use AndrewDyer\Gate\UnauthorizedException; try { $gate->authorize(['edit-post'], $post); } catch (UnauthorizedException $e) { // Actor is not authorised } ``` ### Registering Before Callbacks [](#registering-before-callbacks) Before callbacks run prior to all ability checks. Returning `true` or `false` short-circuits the evaluation; returning `null` (or nothing) defers to the defined ability. ``` $gate->before(function ($actor, $ability) { if ($actor->isAdmin()) { return true; } }); ``` License ------- [](#license) Licensed under the [MIT license](https://opensource.org/licenses/MIT) and is free for private or commercial projects. ### Health Score 43 — FairBetter than 89% of packages Maintenance98 Actively maintained with recent releases Popularity0 Limited adoption so far Community4 Small or concentrated contributor base Maturity58 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~104 days Recently: every ~130 days Total 6 Last Release 12d ago Major Versions 1.x-dev → 2.0.02026-04-18 PHP version history (2 changes)1.0.1PHP ^7.2.5 2.0.0PHP ^8.3 ### Community Maintainers ![](https://www.gravatar.com/avatar/666597ea6e46748a89fe8764d1a45b4d0da97daf1bb1e9770ea34ae41f706d08?d=identicon)[andrewdyer](/maintainers/andrewdyer) ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/andrewdyer-auth-gate/health.svg) ``` [![Health](https://phpackages.com/badges/andrewdyer-auth-gate/health.svg)](https://phpackages.com/packages/andrewdyer-auth-gate) ``` ### Alternatives [kartik-v/yii2-password Useful password strength validation utilities for Yii Framework 2.0 761.2M17](/packages/kartik-v-yii2-password) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)