PHPackages marko/authentication - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. marko/authentication ActiveMarko-module[Authentication & Authorization](/categories/authentication) marko/authentication ==================== Authentication and authorization for Marko Framework 0.7.0(3w ago)0247↑20%6MITPHPPHP ^8.5 Since Mar 25Pushed 3w agoCompare [ Source](https://github.com/marko-php/marko-authentication)[ Packagist](https://packagist.org/packages/marko/authentication)[ RSS](/packages/marko-authentication/feed)WikiDiscussions develop Synced 3w ago READMEChangelogDependencies (6)Versions (18)Used By (6) Marko Authentication ==================== [](#marko-authentication) Session and token-based authentication---guards protect routes, events track activity, middleware controls access. Installation ------------ [](#installation) ``` composer require marko/authentication ``` Configuration ------------- [](#configuration) Publish the configuration file to `config/authentication.php`: ``` return [ 'default' => [ 'guard' => 'web', 'provider' => 'users', ], 'guards' => [ 'web' => [ 'driver' => 'session', 'provider' => 'users', ], 'api' => [ 'driver' => 'token', 'provider' => 'users', ], ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => App\Models\User::class, ], ], 'password' => [ 'bcrypt' => [ 'cost' => 12, ], ], 'remember' => [ 'lifetime' => 604800, ], ]; ``` Usage ----- [](#usage) Use `AuthManager` to interact with the authentication system: ``` use Marko\Authentication\AuthManager; class LoginController { public function __construct( private AuthManager $authManager, ) {} public function login(array $credentials): bool { if ($this->authManager->attempt($credentials)) { return true; } return false; } public function dashboard(): Response { if ($this->authManager->check()) { $user = $this->authManager->user(); return new Response("Welcome, {$user->getName()}"); } return Response::redirect('/login'); } public function logout(): void { $this->authManager->logout(); } } ``` Guards ------ [](#guards) Guards define how users are authenticated for each request. The `Guard` interface is implemented by all guard drivers. ### SessionGuard [](#sessionguard) The `SessionGuard` authenticates users via session storage. It is the default guard for web requests: ``` // Resolved automatically when using the 'session' driver in config $guard = $this->authManager->guard('web'); // returns SessionGuard ``` ### TokenGuard [](#tokenguard) The `TokenGuard` authenticates users via a token sent with each request. Useful for API authentication: ``` // Resolved automatically when using the 'token' driver in config $guard = $this->authManager->guard('api'); // returns TokenGuard ``` Middleware ---------- [](#middleware) ### AuthMiddleware [](#authmiddleware) `AuthMiddleware` ensures a request is made by an authenticated user. Unauthenticated requests are redirected to the login page: ``` use Marko\Authentication\Middleware\AuthMiddleware; // In your route or middleware stack $middleware = [AuthMiddleware::class]; ``` ### GuestMiddleware [](#guestmiddleware) `GuestMiddleware` ensures a request is made by a guest (unauthenticated user). Authenticated users are redirected away from guest-only routes such as login and register: ``` use Marko\Authentication\Middleware\GuestMiddleware; // In your route or middleware stack $middleware = [GuestMiddleware::class]; ``` Events ------ [](#events) Authentication events are dispatched automatically during the authentication lifecycle. ### LoginEvent [](#loginevent) Dispatched when a user successfully logs in: ``` use Marko\Authentication\Event\LoginEvent; // Dispatched automatically on successful login ``` ### LogoutEvent [](#logoutevent) Dispatched when a user logs out: ``` use Marko\Authentication\Event\LogoutEvent; // Dispatched automatically on logout ``` ### FailedLoginEvent [](#failedloginevent) Dispatched when a login attempt fails: ``` use Marko\Authentication\Event\FailedLoginEvent; // Dispatched automatically on failed login attempt ``` Documentation ------------- [](#documentation) Full usage, API reference, and examples: [marko/authentication](https://marko.build/docs/packages/authentication/) ### Health Score 46 — FairBetter than 92% of packages Maintenance94 Actively maintained with recent releases Popularity16 Limited adoption so far Community16 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~4 days Recently: every ~15 days Total 16 Last Release 27d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/437029?v=4)[Mark Shust](/maintainers/markshust)[@markshust](https://github.com/markshust) --- Top Contributors [![markshust](https://avatars.githubusercontent.com/u/437029?v=4)](https://github.com/markshust "markshust (11 commits)") ### Embed Badge ![Health badge](/badges/marko-authentication/health.svg) ``` [![Health](https://phpackages.com/badges/marko-authentication/health.svg)](https://phpackages.com/packages/marko-authentication) ``` PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)