PHPackages appelit/laravel-srp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. appelit/laravel-srp AbandonedArchivedLibrary[Authentication & Authorization](/categories/authentication) appelit/laravel-srp =================== Laravel SRP (Secure Remote Password) Authentication extension 09PHP Since Aug 23Pushed 7y ago1 watchersCompare [ Source](https://github.com/APPelit/laravel-srp)[ Packagist](https://packagist.org/packages/appelit/laravel-srp)[ RSS](/packages/appelit-laravel-srp/feed)WikiDiscussions master Synced today READMEChangelogDependenciesVersions (1)Used By (0) Larvel SRP ========== [](#larvel-srp) SRP for Laravel [![Latest Stable Version](https://camo.githubusercontent.com/c99b0db40677fc728839011052a90473ab0c12049e3f469051c6b4321546a6bc/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f762f737461626c65)](https://packagist.org/packages/appelit/laravel-srp)[![Latest Unstable Version](https://camo.githubusercontent.com/b860fbd92e1c845b3f9b72979a982aaa92805398541bb097e186d9ddbc940f3f/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f762f756e737461626c65)](https://packagist.org/packages/appelit/laravel-srp)[![Total Downloads](https://camo.githubusercontent.com/dd469e829b00181b98b3eccbbc5481a7b4cf6f183db448bf409e5e2b2b4fca38/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f646f776e6c6f616473)](https://packagist.org/packages/appelit/laravel-srp)[![Monthly Downloads](https://camo.githubusercontent.com/aee88e8fd2de38cf0d748cfbeaaf5891a41713107ae26e90320dbbca8a56d100/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f642f6d6f6e74686c79)](https://packagist.org/packages/appelit/laravel-srp)[![Daily Downloads](https://camo.githubusercontent.com/f9d7e812858802062d3ad2c6d1b35b06bc206f9f0a58208b34ef2754fc84cf73/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f642f6461696c79)](https://packagist.org/packages/appelit/laravel-srp)[![License](https://camo.githubusercontent.com/23c44d9da216718819d3b4172c7561417deda3af5965fca722dfc3feff7adc92/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f6c6963656e7365)](https://packagist.org/packages/appelit/laravel-srp)[![composer.lock](https://camo.githubusercontent.com/5057318578a55aef4ad931c324ccad42b9c7255ba73e708ad84bad27b0d5b575/68747470733a2f2f706f7365722e707567782e6f72672f617070656c69742f6c61726176656c2d7372702f636f6d706f7365726c6f636b)](https://packagist.org/packages/appelit/laravel-srp) About ----- [](#about) Laravel SRP provides an easy layer around the server side of the SRP (Secure Remote Password) protocol for use in your authentication flow. Install ------- [](#install) This package required PHP 7.2 and Laravel 5.6 or higher. To install the package use the command below. ``` composer require appelit/laravel-srp ``` Using ===== [](#using) The package provides a Facade aliased as `\SRP`, this facade can be used to easily access the `APPelit\SRP\SrpService`. Inside SrpService are 2 methods, `challenge` and `authorize`, which represent the challenge and authorization part of the flow. The challenge and authorization both return a class containing all the information required by the client and implements the `Illuminate\Contracts\Support\Jsonable` interface, so it can be returned directly from controller methods. The `APPelit\SRP\AuthenticateResponse` also contains the generated session key (which will NOT be encoded into the response (and never should be)), if required this key can be stored in some sort of (secure) cache or storage to be used later (uses can include message signing and (symmetric) encryption). The package also provides a `APPelit\SRP\Http\AuthenticatesUsers` trait (modelled in a similar fashion as the trait of the same name inside the Laravel framework), this trait exposes a `challenge` and `response` method which are to be used as route endpoints. In order not to force any routing structure (or cause problems by doing so), the routes themselves are not defined and should be added to `routes/web.php` and/or `routes/api.php`. The package provides some sane defaults for the required SRP parameters, it is however recommended to use your own parameters instead. For this reason the package provides a command (`srp:generate`) to generate the required values and insert them into your .env file. It is recommended to use `openssl dhparam` (Google it if unsure) to generate the N and g parameters, since generating these takes a (very) long time when done using PHP and is potentially less secure. You can provide the resulting `dhparam.pem` file using the `-F [pathToFile]` switch and it will be decoded and used instead of generating it. Please note that you must configure the client to use the same values. Since the package is build around the "thinbus-srp-php" package, it is recommended to use the "thinbus-srp" npm package for frontend implementation. **WARNING** This package is currently alpha and should not (yet) be used in production. Testing ------- [](#testing) **NOTE** Tests are not implemented yet, if you use this package and know how to write tests, feel free to contribute them. Run the tests with: ``` vendor/bin/phpunit ``` ### Changelog [](#changelog) Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently. Security -------- [](#security) If you discover any security-related issues, please email instead of using the issue tracker. Credits ------- [](#credits) - [Mark van Beek](https://github.com/chancezeus) - [All Contributors](CONTRIBUTORS.md) Support us ---------- [](#support-us) APPelit is an IT company based in The Netherlands. You'll find an overview of all our open source projects [on our website](https://appelit.com/opensource). License ------- [](#license) This project is open-source and licensed under the [MIT license](http://opensource.org/licenses/MIT) ### Health Score 19 — LowBetter than 10% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity40 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/acc5c752508e6dc16fecb359abf2e24ab3155aadd8c764084a27298c01de5366?d=identicon)[chancezeus](/maintainers/chancezeus) --- Top Contributors [![chancezeus](https://avatars.githubusercontent.com/u/2089196?v=4)](https://github.com/chancezeus "chancezeus (1 commits)") ### Embed Badge ![Health badge](/badges/appelit-laravel-srp/health.svg) ``` [![Health](https://phpackages.com/badges/appelit-laravel-srp/health.svg)](https://phpackages.com/packages/appelit-laravel-srp) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)