PHPackages                             geant/simplesamlphp-module-selfregister - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. geant/simplesamlphp-module-selfregister

ActiveSimplesamlphp-module[Authentication &amp; Authorization](/categories/authentication)

geant/simplesamlphp-module-selfregister
=======================================

Allows self registration of user accounts using an SQL database back-end.

920115[7 issues](https://github.com/TERENA/simplesamlphp-module-selfregister/issues)[1 PRs](https://github.com/TERENA/simplesamlphp-module-selfregister/pulls)PHP

Since Feb 21Pushed 4y ago6 watchersCompare

[ Source](https://github.com/TERENA/simplesamlphp-module-selfregister)[ Packagist](https://packagist.org/packages/geant/simplesamlphp-module-selfregister)[ RSS](/packages/geant-simplesamlphp-module-selfregister/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependenciesVersions (1)Used By (0)

Selfregister
============

[](#selfregister)

This is a SimpleSAMLphp module that allows registration of users accounts. The original version was developed by [UNINETT](https://rnd.feide.no/2010/03/25/new_simplesamlphp_module_selfregister) and supported LDAP as a backend. This fork adds support for SQL databases as the back-end.

The module needs an `sqlauth:SQL` authentication source as the place to store user accounts. You can use an existing authsource, just make sure the credentials used allow for writing.

People that want to sign up for an account need to fill in their e-mail address, and they get sent a URL with a token to confirm the address. Upon verification the user can then needs choose a username, a password, and values for first and last name. These values are stored in the SQL back-end. To store the password securely it is hashed with a salt, which is saved in a separate database column. This approach allows the database to do the password verification.

Enable this module the standard way (i.e. touching the file `enable` in the module directory, and copy the default configuration file to `config/`).

MySQL back-end
==============

[](#mysql-back-end)

The default configuration file `module_selfregister.php` contains all the necessary statements.

\###Database set-up

Create the database, add a user, and assign permissions:

```
CREATE DATABASE ssp_selfregister;
GRANT ALL on ssp_selfregister.* to 'ssp_user'@'localhost' IDENTIFIED by 'hackme';
FLUSH PRIVILEGES;

```

Create the table that will hold you users:

```
CREATE TABLE users (
    `userid` varchar(32) NOT NULL,
    `password` text NOT NULL,
    `salt` blob,
    `firstname` text,
    `lastname` text,
    `created` datetime NOT NULL,
    `email` varchar(255) NOT NULL,
    `updated` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
    PRIMARY KEY (`userid`),
    UNIQUE KEY `UE` (`email`)
    )

```

\###authsource set-up
---------------------

[](#authsource-set-up)

Create the accompanying authsource in `config/authsources.php`:

```
'selfregister-mysql' => array(
    'sqlauth:SQL',
        'dsn' => 'mysql:host=localhost;dbname=ssp_selfregister',
        'username' => 'ssp_user',
        'password' => 'hackme',
        'query' => 'SELECT userid, firstname, lastname, email FROM users WHERE userid = :username
                    AND password = SHA2 (
                        CONCAT(
                            (SELECT salt FROM users WHERE userid = :username),
                            :password
                        ),
                        512
                    )',
    ),

```

PostgreSQL back-end
===================

[](#postgresql-back-end)

\###Database set-up

As the postgres super user, create a new role, and a new database that is owner by the new user:

```
createuser -D -I -R -S -P ssp_user
createdb -O ssp_user -T template0 ssp_selfregister

```

In order to use the crypto that is needed to do the password verification, you need to add the pgcrypto extension to the database. As the postgres super user:

```
psql ssp_selfregister
CREATE EXTENSION pgcrypto;

```

This in turn might depend on an extra package, for Debian/Ubuntu this is the `postgresql-contrib` package.

\####authsource set-up

Create the accompanying authsource in `config/authsources.php` (and remember to update the `auth` statement in `module_selfregister.php`\_:

```
'selfregister-pgsql' => array(
        'sqlauth:SQL',
        'dsn' => 'pgsql:host=ip6-localhost;dbname=ssp_selfregister',
        'username' => 'ssp_user',
        'password' => 'hackme',
        'query' => "
                SELECT userid, firstname, lastname, email FROM users WHERE userid = :username
                AND password = encode(
                    digest (CONCAT((SELECT salt FROM users WHERE userid = :username), :password::TEXT), 'sha512'),
                    'hex')",
),

```

Attribute mapping
=================

[](#attribute-mapping)

Add the follwoing authproc filter to the IdP metadata (metadata/saml20-idp-hosted.php), so that the attributes will have the standard names:

```
'authproc' => array(

    10 => array(
        'class' => 'core:AttributeMap',
        'userid'    => 'uid',
        'email'     => 'mail',
        'lastname'  => 'sn',
        'firstname' => 'givenName',
    ),

```

###  Health Score

22

—

LowBetter than 22% of packages

Maintenance4

Infrequent updates — may be unmaintained

Popularity21

Limited adoption so far

Community17

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 57.1% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/2851889?v=4)[GÉANT](/maintainers/geant)[@GEANT](https://github.com/GEANT)

---

Top Contributors

[![dnmvisser](https://avatars.githubusercontent.com/u/4074844?v=4)](https://github.com/dnmvisser "dnmvisser (8 commits)")[![jaimeperez](https://avatars.githubusercontent.com/u/1942728?v=4)](https://github.com/jaimeperez "jaimeperez (5 commits)")[![erny](https://avatars.githubusercontent.com/u/77168?v=4)](https://github.com/erny "erny (1 commits)")

### Embed Badge

![Health badge](/badges/geant-simplesamlphp-module-selfregister/health.svg)

```
[![Health](https://phpackages.com/badges/geant-simplesamlphp-module-selfregister/health.svg)](https://phpackages.com/packages/geant-simplesamlphp-module-selfregister)
```

###  Alternatives

[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle

Implements a refresh token system over Json Web Tokens in Symfony

70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[illuminate/auth

The Illuminate Auth package.

9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock

A flexible, driver based Acl package for PHP 5.4+

870304.7k2](/packages/beatswitch-lock)[amocrm/amocrm-api-library

amoCRM API Client

182728.5k6](/packages/amocrm-amocrm-api-library)[vonage/jwt

A standalone package for creating JWTs for Vonage APIs

424.1M4](/packages/vonage-jwt)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)