PHPackages fyre/auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. fyre/auth ActiveLibrary[Authentication & Authorization](/categories/authentication) fyre/auth ========= An authentication and authorization library. v3.1.12(11mo ago)0733MITPHP Since Oct 18Pushed 11mo ago1 watchersCompare [ Source](https://github.com/elusivecodes/FyreAuth)[ Packagist](https://packagist.org/packages/fyre/auth)[ RSS](/packages/fyre-auth/feed)WikiDiscussions main Synced 3w ago READMEChangelog (10)Dependencies (12)Versions (20)Used By (3) FyreAuth ======== [](#fyreauth) **FyreAuth** is a free, open-source authentication/authorization library for *PHP*. Table Of Contents ----------------- [](#table-of-contents) - [Installation](#installation) - [Basic Usage](#basic-usage) - [Methods](#methods) - [Access](#access) - [Identifier](#identifier) - [Authenticators](#authenticators) - [Cookie](#cookie) - [Session](#session) - [Token](#token) - [Policy Registry](#policy-registry) - [Policies](#policies) - [Middleware](#middleware) Installation ------------ [](#installation) **Using Composer** ``` composer require fyre/auth ``` In PHP: ``` use Fyre\Auth\Auth; ``` Basic Usage ----------- [](#basic-usage) - `$container` is a [*Container*](https://github.com/elusivecodes/FyreContainer). - `$router` is a [*Router*](https://github.com/elusivecodes/FyreRouter). - `$config` is a [*Config*](https://github.com/elusivecodes/FyreConfig). ``` $auth = new Auth($container, $router, $config) ``` Default configuration options will be resolved from the "*Auth*" key in the [*Config*](https://github.com/elusivecodes/FyreConfig). - `$options` is an array containing the configuration options. - `loginRoute` is a string representing the login [route](https://github.com/elusivecodes/FyreRouter) alias, and will default to "*login*". - `authenticators` is an array containing configuration options for the [*authenticators*](#authenticators). - `identifier` is an array containing configuration options for the [*Identifier*](#identifier). - `identifierFields` is string orn array containing the identifier field name(s), and will default to "*email*". - `passwordField` is a string representing the password field name, and will default to "*password*". - `modelAlias` is a string representing the model alias, and will default to "*Users*". - `queryCallback` is a *Closure* that will execute before running an identify query, and will default to *null*. ``` $container->use(Config::class)->set('Auth', $options); ``` **Autoloading** It is recommended to bind the *Auth* to the [*Container*](https://github.com/elusivecodes/FyreContainer) as a singleton. ``` $container->singleton(Auth::class); ``` Any dependencies will be injected automatically when loading from the [*Container*](https://github.com/elusivecodes/FyreContainer). ``` $auth = $container->use(Auth::class); ``` Methods ------- [](#methods) **Access** Get the [*Access*](#access). ``` $access = $auth->access(); ``` **Add Authenticator** Add an [*Authenticator*](#authenticators). - `$authenticator` is an [*Authenticator*](#authenticators). - `$key` is a string representing the authenticator key, and will default to the [*Authenticator*](#authenticators) class name. ``` $auth->addAuthenticator($authenticator, $key); ``` **Attempt** Attempt to login as a user. - `$identifier` is a string representing the user identifier. - `$password` is a string representing the user password. - `$rememberMe` is a boolean indicating whether the user should be remembered, and will default to *false*. ``` $user = $auth->attempt($identifier, $password, $rememberMe); ``` **Authenticator** Get an authenticator by key. - `$key` is a string representing the authenticator key. ``` $authenticator = $auth->authenticator($key); ``` **Authenticators** Get the authenticators. ``` $authenticators = $auth->authenticators(); ``` **Get Login URL** Get the login URL. - `$redirect` is a string or [*Uri*](https://github.com/elusivecodes/FyreURI) representing the redirect URL, and will default to *null*. ``` $url = $auth->getLoginUrl($redirect); ``` **Identifier** Get the [*Identifier*](#identifier). ``` $identifier = $auth->identifier(); ``` **Is Logged In** Determine if the current user is logged in. ``` $isLoggedIn = $auth->isLoggedIn(); ``` **Login** Login as a user. - `$user` is an [*Entity*](https://github.com/elusivecodes/FyreEntity) representing the user. - `$rememberMe` is a boolean indicating whether the user should be remembered, and will default to *false*. ``` $auth->login($user, $rememberMe); ``` **Logout** Logout the current user. ``` $auth->logout(); ``` **User** Get the current user. ``` $user = $auth->user(); ``` Access ------ [](#access) **After** Execute a callback after checking rules. - `$afterCallback` is a *Closure* that accepts the current user, access rule name, current result and any additional arguments. ``` $access->after($afterCallback); ``` **Allows** Check whether an access rule is allowed. - `$rule` is a string representing the access rule name or [*Policy*](#policies) method. Any additional arguments supplied will be passed to the access rule callback or [*Policy*](#policies) method. ``` $result = $access->allows($rule, ...$args); ``` **Any** Check whether any access rule is allowed. - `$rules` is an array containing access rule names or [*Policy*](#policies) methods. Any additional arguments supplied will be passed to the access rule callbacks or [*Policy*](#policies) methods. ``` $result = $access->any($rules, ...$args); ``` **Authorize** Authorize an access rule. - `$rule` is a string representing the access rule name or [*Policy*](#policies) method. Any additional arguments supplied will be passed to the access rule callback or [*Policy*](#policies) method. ``` $access->authorize($rule, ...$args); ``` **Before** Execute a callback before checking rules. - `$beforeCallback` is a *Closure* that accepts the current user, access rule name and any additional arguments. ``` $access->before($beforeCallback); ``` **Clear** Clear all rules and callbacks. ``` $access->clear(); ``` **Define** Define an access rule. - `$rule` is a string representing the access rule name. - `$callback` is a *Closure* that accepts the current user and any additional arguments. ``` $access->define($rule, $callback); ``` **Denies** Check whether an access rule is not allowed. - `$rule` is a string representing the access rule name or [*Policy*](#policies) method. Any additional arguments supplied will be passed to the access rule callback or [*Policy*](#policies) method. ``` $result = $access->denies($rule, ...$args); ``` **None** Check whether no access rule is allowed. - `$rules` is an array containing access rule names or [*Policy*](#policies) methods. Any additional arguments supplied will be passed to the access rule callbacks or [*Policy*](#policies) methods. ``` $result = $access->none($rules, ...$args); ``` Identifier ---------- [](#identifier) **Attempt** Attempt to identify a user. - `$identifier` is a string representing the user identifier. - `$password` is a string representing the user password. ``` $user = $identifier->attempt($identifier, $password); ``` **Get Identifier Fields** Get the user identifier fields. ``` $identifierFields = $identifier->getIdentifierFields(); ``` **Get Model** Get the identity [*Model*](https://github.com/elusivecodes/FyreORM#models). ``` $model = $identifier->getModel(); ``` **Get Password Field** Get the user password field. ``` $passwordField = $identifier->getPasswordField(); ``` **Identify** Find an identity by identifier. - `$identifier` is a string representing the user identifier. ``` $user = $identifier->identify($identifier); ``` Authenticators -------------- [](#authenticators) Custom authenticators can be created by extending the `\Fyre\Auth\Authenticator` class, and overwriting the below methods as required. **Authenticate** Authenticate a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$request` is a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). ``` $user = $authenticator->authenticate($request); ``` **Before Response** Update the [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses) before sending to client. - `$response` is a [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses). ``` $response = $authenticator->beforeResponse($response); ``` **Login** Login as a user. - `$user` is an [*Entity*](https://github.com/elusivecodes/FyreEntity) representing the user. - `$rememberMe` is a boolean indicating whether the user should be remembered, and will default to *false*. ``` $authenticator->login($user, $rememberMe); ``` **Logout** Logout the current user. ``` $authenticator->logout(); ``` ### Cookie [](#cookie) ``` use Fyre\Auth\Authenticators\CookieAuthenticator; ``` The cookie authenticator can be loaded using custom configuration. - `$auth` is an *Auth*. - `$options` is an array containing configuration options. - `cookieName` is a string representing the cookie name, and will default to "*auth*". - `cookieOptions` is an array containing additional options for setting the cookie. - `expires` is a number representing the cookie lifetime, and will default to *null*. - `domain` is a string representing the cookie domain, and will default to "". - `path` is a string representing the cookie path, and will default to "*/*". - `secure` is a boolean indicating whether to set a secure cookie, and will default to *false*. - `httpOnly` is a boolean indicating whether to the cookie should be HTTP only, and will default to *true*. - `sameSite` is a string representing the cookie same site, and will default to "*Lax*". - `identifierField` is a string representing the identifier field of the user, and will default to "*email*". - `passwordfield` is a string representing the password field of the user, and will default to "*password*". - `salt` is a string representing the salt to use when generating the token, and will default to *null*. ``` $authenticator = new CookieAuthenticator($auth, $options); ``` This authenticator is only active when the `$rememberMe` argument is set to *true* in the `$auth->attempt` or `$auth->login` methods. ### Session [](#session) ``` use Fyre\Auth\Authenticators\SessionAuthenticator; ``` The session authenticator can be loaded using custom configuration. - `$auth` is an *Auth*. - `$session` is a [*Session*](https://github.com/elusivecodes/FyreSession). - `$options` is an array containing configuration options. - `sessionKey` is a string representing the session key, and will default to "*auth*". - `sessionField` is a string representing the session field of the user, and will default to "*id*". ``` $authenticator = new SessionAuthenticator($auth, $session, $options); ``` ### Token [](#token) ``` use Fyre\Auth\Authenticators\TokenAuthenticator; ``` The token authenticator can be loaded using custom configuration. - `$auth` is an *Auth*. - `$options` is an array containing configuration options. - `tokenHeader` is a string representing the token header name, and will default to "*Authorization*". - `tokenHeaderPrefix` is a string representing the token header prefix, and will default to "*Bearer*". - `tokenQuery` is a string representing the query parameter, and will default to *null*. - `tokenField` is a string representing the token field of the user, and will default to "*token*". ``` $authenticator = new TokenAuthenticator($auth, $options); ``` Policy Registry --------------- [](#policy-registry) ``` use Fyre\Auth\PolicyRegistry; ``` - `$container` is a [*Container*](https://github.com/elusivecodes/FyreContainer). - `$inflector` is an [*Inflector*](https://github.com/elusivecodes/FyreInflector). ``` $policyRegistry = new PolicyRegistry($container, $inflector); ``` **Add Namespace** Add a namespace for loading policies. - `$namespace` is a string representing the namespace. ``` $policyRegistry->addNamespace($namespace); ``` **Build** Build a [*Policy*](#policies). - `$alias` is a string representing the [*Model*](https://github.com/elusivecodes/FyreORM#models) alias or class name. ``` $policy = $policyRegistry->build($alias); ``` **Clear** Clear all namespaces and policies. ``` $policyRegistry->clear(); ``` **Get Namespaces** Get the namespaces. ``` $namespaces = $policyRegistry->namespaces(); ``` **Has Namespace** Determine if a namespace exists. - `$namespace` is a string representing the namespace. ``` $hasNamespace = $policyRegistry->hasNamespace($namespace); ``` **Map** Map an alias to a [*Policy*](#policies) class name. - `$alias` is a string representing the [*Model*](https://github.com/elusivecodes/FyreORM#models) alias or class name. - `$className` is a string representing the [*Policy*](#policies) class name. ``` $policyRegistry->map($alias, $className); ``` **Remove Namespace** Remove a namespace. - `$namespace` is a string representing the namespace. ``` $policyRegistry->removeNamespace($namespace); ``` **Resolve Alias** Resolve a modal alias. - `$alias` is a model alias or class name. ``` $alias = $policyRegistry->resolveAlias($alias); ``` **Unload** Unload a policy. - `$alias` is a string representing the [*Model*](https://github.com/elusivecodes/FyreORM#models) alias or class name. ``` $policyRegistry->unload($alias); ``` **Use** Load a shared [*Policy*](#policies) instance. - `$alias` is a string representing the [*Model*](https://github.com/elusivecodes/FyreORM#models) alias or class name. ``` $policy = $policyRegistry->use($alias); ``` Policies -------- [](#policies) Policies can be created by suffixing the singular model alias with "*Policy*" as the class name. Policy rules should be represented as methods on the class, that accept the current user and resolved [*Entity*](https://github.com/elusivecodes/FyreEntity) as arguments. Middleware ---------- [](#middleware) ### Auth Middleware [](#auth-middleware) ``` use Fyre\Auth\Middleware\AuthMiddleware; ``` This middleware will authenticate using the loaded authenticators, and add any authentication headers to the response. - `$auth` is an *Auth*. ``` $middleware = new AuthMiddleware($auth); ``` Any dependencies will be injected automatically when loading from the [*Container*](https://github.com/elusivecodes/FyreContainer). ``` $middleware = $container->use(AuthMiddleware::class); ``` **Handle** Handle a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$request` is a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$next` is a *Closure*. ``` $response = $middleware->handle($request, $next); ``` This method will return a [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses). ### Authenticated Middleware [](#authenticated-middleware) ``` use Fyre\Auth\Middleware\AuthenticatedMiddleware; ``` This middleware will throw an [*UnauthorizedException*](https://github.com/elusivecodes/FyreError#http-exceptions) or return a login [*RedirectResponse*](https://github.com/elusivecodes/FyreServer#redirect-responses) if the user is not authenticated. - `$auth` is an *Auth*. ``` $middleware = new AuthenticatedMiddleware($auth); ``` Any dependencies will be injected automatically when loading from the [*Container*](https://github.com/elusivecodes/FyreContainer). ``` $middleware = $container->use(AuthenticatedMiddleware::class); ``` **Handle** Handle a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$request` is a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$next` is a *Closure*. ``` $response = $middleware->handle($request, $next); ``` This method will return a [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses). ### Authorized Middleware [](#authorized-middleware) ``` use Fyre\Auth\Middleware\AuthorizedMiddleware; ``` This middleware will throw a [*ForbiddenException*](https://github.com/elusivecodes/FyreError#http-exceptions) or a login [*RedirectResponse*](https://github.com/elusivecodes/FyreServer#redirect-responses) if the user is not authorized. - `$auth` is an *Auth*. ``` $middleware = new AuthorizedMiddleware($auth); ``` Any dependencies will be injected automatically when loading from the [*Container*](https://github.com/elusivecodes/FyreContainer). ``` $middleware = $container->use(AuthorizedMiddleware::class); ``` **Handle** Handle a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$request` is a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$next` is a *Closure*. ``` $response = $middleware->handle($request, $next); ``` This method will return a [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses). ### Unauthenticated Middleware [](#unauthenticated-middleware) ``` use Fyre\Auth\Middleware\UnauthenticatedMiddleware; ``` This middleware will throw a [*NotFoundException*](https://github.com/elusivecodes/FyreError#http-exceptions) if the user is authenticated. - `$auth` is an *Auth*. ``` $middleware = new UnauthenticatedMiddleware($auth); ``` Any dependencies will be injected automatically when loading from the [*Container*](https://github.com/elusivecodes/FyreContainer). ``` $middleware = $container->use(UnauthenticatedMiddleware::class); ``` **Handle** Handle a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$request` is a [*ServerRequest*](https://github.com/elusivecodes/FyreServer#server-requests). - `$next` is a *Closure*. ``` $response = $middleware->handle($request, $next); ``` This method will return a [*ClientResponse*](https://github.com/elusivecodes/FyreServer#client-responses). ### Health Score 31 — LowBetter than 66% of packages Maintenance50 Moderate activity, may be stable Popularity8 Limited adoption so far Community12 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~14 days Total 19 Last Release 355d ago Major Versions v1.0 → v2.02024-10-18 v2.0.1 → v3.02024-12-06 ### Community Maintainers ![](https://www.gravatar.com/avatar/fad81fd5941e3a637c8a5749d05ae3ed9314d5e2fee57f59c3d9ec3b41259c6b?d=identicon)[elusivecodes](/maintainers/elusivecodes) --- Top Contributors [![elusivecodes](https://avatars.githubusercontent.com/u/18050480?v=4)](https://github.com/elusivecodes "elusivecodes (22 commits)") --- Tags authenticationauthorizationphp ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/fyre-auth/health.svg) ``` [![Health](https://phpackages.com/badges/fyre-auth/health.svg)](https://phpackages.com/packages/fyre-auth) ``` ### Alternatives [kartik-v/yii2-password Useful password strength validation utilities for Yii Framework 2.0 761.2M17](/packages/kartik-v-yii2-password)[better-futures-studio/filament-local-logins This is my package filament-local-logins 1334.6k](/packages/better-futures-studio-filament-local-logins) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)