PHPackages bitshost/upmvc-saas - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. bitshost/upmvc-saas ActiveProject[Authentication & Authorization](/categories/authentication) bitshost/upmvc-saas =================== upMVC-SaaS. Multi-tenant SaaS starter built on the upMVC PHP framework. Modular MVC, JWT auth, tenant isolation, rate limiting, plan gating. 00PHP Since Jun 7Pushed 2d agoCompare [ Source](https://github.com/upMVC/upMVC-SaaS)[ Packagist](https://packagist.org/packages/bitshost/upmvc-saas)[ RSS](/packages/bitshost-upmvc-saas/feed)WikiDiscussions master Synced 2d ago READMEChangelogDependenciesVersions (2)Used By (0) upMVC-SaaS ========== [](#upmvc-saas) **Multi-tenant SaaS boilerplate built on the upMVC PHP framework.** Spin up a production-ready SaaS platform: multi-tenant architecture, JWT authentication, role-based access, plan gating, a platform admin dashboard, and an API-first data layer — all wired up out of the box. [![PHP](https://camo.githubusercontent.com/83dd395020c37276225039739320f6c8e7e99963ab21ee3d09282cb48dad2a60/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e312532422d626c7565)](https://php.net)[![License](https://camo.githubusercontent.com/f8df3091bbe1149f398a5369b2c39e896766f9f6efba3477c63e9b4aa940ef14/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d677265656e)](LICENSE)[![Packagist](https://camo.githubusercontent.com/d36ad638b0fd44869e47202a43d3bff94460ef98b669603737bb8436c33b9f69/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f62697473686f73742f75706d76632d73616173)](https://packagist.org/packages/bitshost/upmvc-saas) --- What's included --------------- [](#whats-included) - **Multi-tenant isolation** — every tenant has their own slug, users, plan, and data scope - **Dual auth** — session-based login for web shells + stateless JWT for all API calls - **Role-based access** — `platform_admin`, `tenant_owner`, `tenant_user` enforced at middleware level - **Plan & feature gating** — `PlanGateMiddleware` reads plan limits and feature flags per request - **Platform Admin** — manage all tenants, change plans/status, impersonate any tenant - **Impersonation + resume** — platform admin can log in as any tenant and return cleanly - **API-first architecture** — all data flows through `Api/*` modules; web modules are thin JS-driven shells - **JWT rotate** — access token + refresh token rotation with theft detection - **Rate limiting** — configurable per-route via middleware - **PHPMailer** — account activation emails out of the box - **Modern UI** — login page, platform admin, and tenant admin all ship with a clean, responsive design --- Architecture ------------ [](#architecture) ``` src/Modules/ ├── Api/ the data backbone — all business logic lives here │ ├── Modules/Auth/ POST /api/auth/login, /refresh, /logout │ ├── Modules/Plans/ GET /api/plans │ ├── Modules/Tenants/ tenant registration, show, users, public slug │ └── Modules/Admin/ platform admin API — tenant CRUD, impersonate │ ├── Auth/ session-based web login (renders the login/signup pages) ├── PlatformAdmin/ web shell → calls Api/Admin via JS fetch ├── TenantApp/ tenant dashboard shell → calls Api/Tenants via JS fetch ├── TenantShop/ public storefront shell → calls Api/public/tenants via JS fetch ├── Home/ public landing page └── Mail/ PHPMailer wrapper ``` **The rule:** web modules never query the database directly. They render an HTML shell, inject a JWT from the PHP session into JS, and let the browser fetch everything from the API. One data layer, no duplication. --- Installation ------------ [](#installation) ``` composer create-project bitshost/upmvc-saas my-saas cd my-saas ``` The setup script runs automatically and: - copies `.env.example` to `.env` with auto-generated `JWT_SECRET` and `APP_KEY` - creates `storage/` and `src/logs/` directories --- Quick start ----------- [](#quick-start) **1. Configure the environment** Edit `src/Etc/.env`: ``` DOMAIN_NAME=http://localhost SITE_PATH=/my-saas/public # or empty if domain root DB_HOST=localhost DB_NAME=my_saas_db DB_USER=root DB_PASS=secret ``` **2. Import the schema and demo data** ``` mysql -u root -p my_saas_db