PHPackages                             kuick/security - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Security](/categories/security)
4. /
5. kuick/security

ActiveLibrary[Security](/categories/security)

kuick/security
==============

Kuick Security is a package for security related tasks. Includes PSR-15 middleware implementation

v1.3.1(1mo ago)15.7k1MITPHPPHP &gt;=8.2.0CI passing

Since Jan 22Pushed 1mo ago1 watchersCompare

[ Source](https://github.com/milejko/kuick-security)[ Packagist](https://packagist.org/packages/kuick/security)[ RSS](/packages/kuick-security/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (5)Dependencies (6)Versions (7)Used By (1)

Kuick Security
==============

[](#kuick-security)

[![Latest Version](https://camo.githubusercontent.com/744fe3beb0f5f5431fb607e51e5a2c9df842b0575c66b6a8e573cf18b1f00e56/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f6d696c656a6b6f2f6b7569636b2d73656375726974792e7376673f63616368655365636f6e64733d33363030)](https://github.com/milejko/kuick-security/releases)[![PHP](https://camo.githubusercontent.com/ac99b489f44f6ce512b6a4d6919492f00b43862f88161b80e35da61f35064ca0/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e32253230253743253230382e33253230253743253230382e34253230253743253230382e352d626c75653f6c6f676f3d7068702663616368655365636f6e64733d33363030)](https://www.php.net)[![Total Downloads](https://camo.githubusercontent.com/f25403596bfe770bc4f40ec0c27f49d6a71adcdcda961642b4b3063735c6bb5f/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6b7569636b2f73656375726974792e7376673f63616368655365636f6e64733d33363030)](https://packagist.org/packages/kuick/security)[![GitHub Actions CI](https://github.com/milejko/kuick-security/actions/workflows/ci.yml/badge.svg)](https://github.com/milejko/kuick-security/actions/workflows/ci.yml)[![codecov](https://camo.githubusercontent.com/9133a0fcaabb5dd6e8954a0d47c79d78f95932e0a434827af9aa424e25a07fea/68747470733a2f2f636f6465636f762e696f2f67682f6d696c656a6b6f2f6b7569636b2d73656375726974792f67726170682f62616467652e7376673f746f6b656e3d4d3346573358594a354a)](https://codecov.io/gh/milejko/kuick-security)[![Software License](https://camo.githubusercontent.com/e2f0982d826e942af97a6e879597c2301c2a8a97567d69e47148db858bbc5de3/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f63616368655365636f6e64733d3134343030)](LICENSE)

Security package implementing PSR-15 middleware
-----------------------------------------------

[](#security-package-implementing-psr-15-middleware)

### Key features

[](#key-features)

1. PSR-15() security middleware implementation
2. Support for flexible Guards (any callable)
3. Guardhouse service with methods to register Guards (regex path support)

### Installation

[](#installation)

```
composer require kuick/security
```

### Usage

[](#usage)

#### 1. Create a guard

[](#1-create-a-guard)

A guard is any invokable object (or closure) accepting a `ServerRequestInterface` and returning `void|null`. Throw a `Kuick\Http\HttpException` to deny the request.

```
use Kuick\Http\HttpException;
use Kuick\Http\Message\Response;
use Psr\Http\Message\ServerRequestInterface;

class BearerTokenGuard
{
    public function __invoke(ServerRequestInterface $request): void
    {
        $authHeader = $request->getHeaderLine('Authorization');
        if (!str_starts_with($authHeader, 'Bearer valid-token')) {
            throw new HttpException(Response::HTTP_UNAUTHORIZED, 'Invalid or missing token');
        }
    }
}
```

#### 2. Register guards in the `Guardhouse`

[](#2-register-guards-in-the-guardhouse)

Use `addGuard(string $path, object $guard, array $methods = [...])` to register guards. The `$path` is a **full regex** (anchored as `#^…$#`). Named capture groups are merged into the request's query params.

By default (when `$methods` is omitted), a guard matches all HTTP methods: `GET`, `POST`, `PUT`, `PATCH`, `DELETE`, `OPTIONS`. `HEAD` is automatically included whenever `GET` is listed.

```
use Kuick\Security\Guardhouse;
use Psr\Log\NullLogger;

$guardhouse = (new Guardhouse(new NullLogger()))
    // protect all routes with a token check
    ->addGuard('/api/.*', new BearerTokenGuard())
    // restrict a specific route to GET only
    ->addGuard('/api/resource/(?P\d+)', new BearerTokenGuard(), ['GET']);
```

#### 3. Wire up the PSR-15 middleware

[](#3-wire-up-the-psr-15-middleware)

Pass the `Guardhouse` to `SecurityMiddleware` and add it to your PSR-15 middleware stack.

```
use Kuick\Security\SecurityMiddleware;

$middleware = new SecurityMiddleware($guardhouse, new NullLogger());

// Example with any PSR-15-compatible dispatcher (e.g. Relay, Slim, etc.)
$response = $middleware->process($serverRequest, $nextHandler);
```

If a guard throws a `Kuick\Http\HttpException` the exception propagates up — your framework's error handler is responsible for converting it into an HTTP response. If all guards pass, the request is forwarded to `$nextHandler`.

#### Path regex &amp; captured parameters

[](#path-regex--captured-parameters)

Regex captures (named or positional) from the matched path are merged into the request's query params before the guard is invoked:

```
// Guard registered for: '/users/(?\d+)'
// Request: GET /users/42
// Inside the guard, $request->getQueryParams()['userId'] === '42'
```

###  Health Score

48

—

FairBetter than 93% of packages

Maintenance90

Actively maintained with recent releases

Popularity25

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity55

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~95 days

Recently: every ~118 days

Total

6

Last Release

50d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/f986340afe26a382bdec4d838f514714b6f5bc7222baf73972001a66b9b6dab0?d=identicon)[emisarius](/maintainers/emisarius)

---

Top Contributors

[![milejko](https://avatars.githubusercontent.com/u/14335568?v=4)](https://github.com/milejko "milejko (12 commits)")

---

Tags

middlewaresecuritypsr-15Kuick

### Embed Badge

![Health badge](/badges/kuick-security/health.svg)

```
[![Health](https://phpackages.com/badges/kuick-security/health.svg)](https://phpackages.com/packages/kuick-security)
```

###  Alternatives

[matomo/matomo

Matomo is the leading Free/Libre open analytics platform

21.7k38.9k](/packages/matomo-matomo)[ayesh/stateless-csrf

Secret-key based state-less CSRF token generator and validator for PHP 8. State-less means you do not have to store the CSRF token in session or database.

3224.5k](/packages/ayesh-stateless-csrf)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
