PHPackages artnum/menshen - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. artnum/menshen ActiveLibrary[Authentication & Authorization](/categories/authentication) artnum/menshen ============== Authentication v1.0.0(4y ago)05MITJavaScript Since Oct 4Pushed 4y ago1 watchersCompare [ Source](https://github.com/artnum/Menshen)[ Packagist](https://packagist.org/packages/artnum/menshen)[ RSS](/packages/artnum-menshen/feed)WikiDiscussions master Synced 6d ago READMEChangelogDependencies (1)Versions (2)Used By (0) Menshen ======= [](#menshen) Authentication mechanism for the web using private/public key pair. Stateless --------- [](#stateless) This mechanism is not meant to provide a secure session, only authenticated request. The client use the HTTP header Authorization to add relevant information about the signature. Signature are RSA-PSS, most parameters can be tuned by the client. The server handle only a "client id" and the associate public key. Privacy ------- [](#privacy) The client never need to share the private key with the server. The client handle its private key as it sees fit.$ Simple ------ [](#simple) As the server just need to hash some header and verify it against a given signature, it can be added easly on almost anything without too much modification. As the private key can be in a file, embbed in an URL or a QR Code, it can provide a password-less experience for the user. Once the user register, he received a link with embbed private key. On the first log in, a new pair is generated, the public key is sent to the server, the private one is stored in the IndexedDB of the navigator and a quite secure authentication is set. A password on the private key can be, of course, set for added security. ### Health Score 22 — LowBetter than 22% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 1686d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/a9168a01041c3c57948f819c4f05fc72120f4bd11b08f2dae72f3fdd06c4c9c8?d=identicon)[artnum](/maintainers/artnum) --- Top Contributors [![artnum](https://avatars.githubusercontent.com/u/27413243?v=4)](https://github.com/artnum "artnum (8 commits)") --- Tags authenticationauthentication-strategyrsa-cryptographyrsa-key-pairsecuritystatelesswebAuthentication ### Embed Badge ![Health badge](/badges/artnum-menshen/health.svg) ``` [![Health](https://phpackages.com/badges/artnum-menshen/health.svg)](https://phpackages.com/packages/artnum-menshen) ``` ### Alternatives [tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M350](/packages/tymon-jwt-auth)[league/oauth2-server A lightweight and powerful OAuth 2.0 authorization and resource server library with support for all the core specification grants. This library will allow you to secure your API with OAuth and allow your applications users to approve apps that want to access their data from your API. 6.6k136.0M248](/packages/league-oauth2-server)[league/oauth2-client OAuth 2.0 Client Library 3.8k118.6M1.2k](/packages/league-oauth2-client)[google/auth Google Auth Library for PHP 1.4k272.7M162](/packages/google-auth)[pragmarx/google2fa A One Time Password Authentication package, compatible with Google Authenticator. 2.0k82.4M164](/packages/pragmarx-google2fa)[paragonie/sodium_compat Pure PHP implementation of libsodium; uses the PHP extension if it exists 934131.6M155](/packages/paragonie-sodium-compat) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)