PHPackages                             justinatack/authenticate - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. justinatack/authenticate

ActiveCakephp-plugin[Authentication &amp; Authorization](/categories/authentication)

justinatack/authenticate
========================

Collection of authentication plugins for CakePHP

0181PHP

Since Sep 20Pushed 9y ago1 watchersCompare

[ Source](https://github.com/justinatack/authenticate)[ Packagist](https://packagist.org/packages/justinatack/authenticate)[ RSS](/packages/justinatack-authenticate/feed)WikiDiscussions master Synced today

READMEChangelogDependenciesVersions (1)Used By (0)

Passwordless Authentication for CakePHP 3
=========================================

[](#passwordless-authentication-for-cakephp-3)

Installation
------------

[](#installation)

You can install this plugin into your CakePHP application using [composer](http://getcomposer.org).

The recommended way to install this composer package is:

```
composer require justinatack/authenticate:dev-master

```

In your config/bootstrap.php file add the following

```
Plugin::load('JustinAtack/Authenticate');

```

In your src/Controller/AppController.php file add the following

```
$this->loadComponent('Auth', [
    'authenticate' => [
        'JustinAtack/Authenticate.Passwordless' => [
            'fields' => [
                'username' => 'email',
                'token' => 'token',
                'token_expiry' => 'token_expiry'
            ],
            'token' => [
                'query' => 'token',
                'length' => 10, // bytes
                'expires' => '+10 mins'
            ]
        ]
    ]
]);

```

Instructions
------------

[](#instructions)

Create a Users table with `email`, `token` and `token_expiry` fields. The following columns could be used as a starting point in a Users migration.

```
$table->addColumn('email', 'string', [
    'default' => null,
    'limit' => 255,
    'null' => false,
]);
$table->addColumn('token', 'string', [
    'default' => null,
    'limit' => 255,
    'null' => true,
]);
$table->addColumn('token_expiry', 'datetime', [
    'default' => null,
    'null' => true,
]);

```

In your src/Controller/UsersController.php add the following login method

```
public function login($token = null)
{
    /**
     * Validate token and login user
     *
     */
    if (!empty($this->request->params['pass'][0]) || !empty($this->request->query('token'))) {
        $user = $this->Auth->identify();
        if ($user) {
            $this->Auth->setUser($user);
            return $this->redirect($this->Auth->redirectUrl());
        }
        $this->Flash->error(__('Invalid or expired token, please request new login token'));
        return $this->redirect($this->Auth->redirectUrl());
    }

    /**
     * Validate email and send login token
     *
     */
    if ($this->request->is('post')) {
        $user = $this->Auth->identify();
        if ($user) {
            $this->Flash->success(__('A one-time login URL has been emailed to you'));
            return $this->redirect($this->Auth->redirectUrl());
        }
        $this->Flash->error(__('Email is incorrect'));
        return $this->redirect($this->Auth->redirectUrl());
    }
}

```

Create a login view with a single email form field and submit button. Now add a User and then submit the Login form with email address. This will generate a token and set the token\_expiry. Using this code you can login with the following urls, both will work the same.

```
https://www.example.com/users/login/{token_here}
https://www.example.com/users/login?token={token_here}

```

At this point you should have a working login system with `token` and `token_expiry` being saved after each login email request. This plugin does not handle the token email to send to the User after login request. This part is for you to decide how to handle, perhaps you might want to Queue the request or email it straight away or even SMS it. Heres a head start. The following code is placed in your src/Controller/UsersController.php file. It listens to the Auth.afterIdentify event. You can trigger your own method call to do as you please e.g. send the token email with login link to your user. I have simply logged the event to my debug log.

```
use Cake\Log\Log;

/**
 * Initialize method
 *
 */
public function initialize()
{
    parent::initialize();
    $this->Auth->allow(['login', 'logout', 'add']);
    $this->eventManager()->on('Auth.afterIdentify', [$this, 'afterIdentify']);
}

public function afterIdentify(Event $event, array $user)
{
    Log::write('debug', $user);
    // Email user link with embedded token.
    // See example links above to generate correct URLs
}

```

Example debug log output

```
2016-08-22 07:18:45 Debug: Array
(
    [id] => 1
    [email] => passwordless@example.com
    [token] => 53af7103f12c1e9ff752
)

```

Warning
-------

[](#warning)

All token links should ONLY be used over a secure SSL connection.

###  Health Score

21

—

LowBetter than 18% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity10

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity41

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

### Community

Maintainers

![](https://www.gravatar.com/avatar/fb53241542bcdd322d61a7ef8f2dc0d55907dfdc920edf6b898a355892704cc9?d=identicon)[justinatack](/maintainers/justinatack)

---

Top Contributors

[![justinatack](https://avatars.githubusercontent.com/u/6056502?v=4)](https://github.com/justinatack "justinatack (18 commits)")

### Embed Badge

![Health badge](/badges/justinatack-authenticate/health.svg)

```
[![Health](https://phpackages.com/badges/justinatack-authenticate/health.svg)](https://phpackages.com/packages/justinatack-authenticate)
```

###  Alternatives

[kartik-v/yii2-password

Useful password strength validation utilities for Yii Framework 2.0

761.2M17](/packages/kartik-v-yii2-password)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
